Overview

overview

10

Static

static

3

Software_1.30.1.exe

windows7-x64

10

Software_1.30.1.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Software_1.30.1.exe

  • Size

    467KB

  • Sample

    240428-y48a6sgc22

  • MD5

    78761714083bfed3a4442e272cd45d4d

  • SHA1

    7bdabb17aff9a7f0a40ffb82c01247ecd86a1f79

  • SHA256

    5bd85baa40cb6af22a075edf10fd0a8ad1b488e1b4bd4289e2cd66a3bb4a0fdf

  • SHA512

    f3aae77edb0790d910195eaba31a83710636edb4bbc3c32cf4268b50348f1ca67391460c9f15352b78645d0a7ba0ffb0020ad08bd96fcd64ef172f6f6be89296

  • SSDEEP

    12288:l41RqMw8LxT6hIshPRIrDiWVnpP50V/HPQyHqj00FeQNSI:l4XqMiuiP2amnV57AqhjR

Score
10/10
redlinezgratinfostealerrat

Malware Config

Targets

    • Target

      Software_1.30.1.exe

    • Size

      467KB

    • MD5

      78761714083bfed3a4442e272cd45d4d

    • SHA1

      7bdabb17aff9a7f0a40ffb82c01247ecd86a1f79

    • SHA256

      5bd85baa40cb6af22a075edf10fd0a8ad1b488e1b4bd4289e2cd66a3bb4a0fdf

    • SHA512

      f3aae77edb0790d910195eaba31a83710636edb4bbc3c32cf4268b50348f1ca67391460c9f15352b78645d0a7ba0ffb0020ad08bd96fcd64ef172f6f6be89296

    • SSDEEP

      12288:l41RqMw8LxT6hIshPRIrDiWVnpP50V/HPQyHqj00FeQNSI:l4XqMiuiP2amnV57AqhjR

    Score
    10/10
    redlinezgratinfostealerrat

    • Detect ZGRat V1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks