General

  • Target

    d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1

  • Size

    1.0MB

  • Sample

    240502-gynwxadc39

  • MD5

    54157cf64e446ff5a770a6069b8fbe3d

  • SHA1

    1fba63057d28f0ca09abc3bbe49e5a112c2d6691

  • SHA256

    d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1

  • SHA512

    af04d5ad53ec36689e75815f073de6a0c3b92ee514873aa0b83dc502b41a1178ea95363d0be867c18dbed5dd26d574e179eca4086f690d955132363a64c0efcf

  • SSDEEP

    12288:HxGpnfsN5omb4dgxnjxNQSn/npYb5z/B1f2QFkR1rwSlmrbpALFLzQuRGux2WTv7:HMo5omEdgNjxHfpYF5oQ

Malware Config

Targets

    • Detect ZGRat V1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks