General
-
Target
OwnCheat.exe
-
Size
433KB
-
Sample
240501-wty9each8x
-
MD5
7e46d11cc986f86dc1210adfc6f51248
-
SHA1
89823c4faf48f75c9578c2e31367bd2d0fd7225a
-
SHA256
af8c537868eae76c5616f69dde5d25fa0ac00d9ac60d3afc0eff574830f5c123
-
SHA512
61f4e103115ae908a68ac001d7e73d600ea727646c6daeff0474a6f18102ee70de67e145875827a70a0f7a47138eb55724c266252aa792ef514994328a8aed4d
-
SSDEEP
12288:vAmzq9FyLqvk/5c1bTmsygfKKP8EQi8vrm:vAm+6q+sK/gSbiY
Static task
static1
Behavioral task
behavioral1
Sample
OwnCheat.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
OwnCheat.exe
-
Size
433KB
-
MD5
7e46d11cc986f86dc1210adfc6f51248
-
SHA1
89823c4faf48f75c9578c2e31367bd2d0fd7225a
-
SHA256
af8c537868eae76c5616f69dde5d25fa0ac00d9ac60d3afc0eff574830f5c123
-
SHA512
61f4e103115ae908a68ac001d7e73d600ea727646c6daeff0474a6f18102ee70de67e145875827a70a0f7a47138eb55724c266252aa792ef514994328a8aed4d
-
SSDEEP
12288:vAmzq9FyLqvk/5c1bTmsygfKKP8EQi8vrm:vAm+6q+sK/gSbiY
-
Detect ZGRat V1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-