General
-
Target
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1
-
Size
1.0MB
-
Sample
240502-gynwxadc39
-
MD5
54157cf64e446ff5a770a6069b8fbe3d
-
SHA1
1fba63057d28f0ca09abc3bbe49e5a112c2d6691
-
SHA256
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1
-
SHA512
af04d5ad53ec36689e75815f073de6a0c3b92ee514873aa0b83dc502b41a1178ea95363d0be867c18dbed5dd26d574e179eca4086f690d955132363a64c0efcf
-
SSDEEP
12288:HxGpnfsN5omb4dgxnjxNQSn/npYb5z/B1f2QFkR1rwSlmrbpALFLzQuRGux2WTv7:HMo5omEdgNjxHfpYF5oQ
Static task
static1
Behavioral task
behavioral1
Sample
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1
-
Size
1.0MB
-
MD5
54157cf64e446ff5a770a6069b8fbe3d
-
SHA1
1fba63057d28f0ca09abc3bbe49e5a112c2d6691
-
SHA256
d6e31c14d40784a2ff3b92ddea17ceb6eace0d64c4526bf17f8932700528dfe1
-
SHA512
af04d5ad53ec36689e75815f073de6a0c3b92ee514873aa0b83dc502b41a1178ea95363d0be867c18dbed5dd26d574e179eca4086f690d955132363a64c0efcf
-
SSDEEP
12288:HxGpnfsN5omb4dgxnjxNQSn/npYb5z/B1f2QFkR1rwSlmrbpALFLzQuRGux2WTv7:HMo5omEdgNjxHfpYF5oQ
Score10/10-
Detect ZGRat V1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Suspicious use of SetThreadContext
-