Overview

overview

10

Static

static

1

redirect.html

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    redirect

  • Size

    6KB

  • Sample

    240509-t7eqtaeh98

  • MD5

    81c1b324d6bd1f0e100ac0d74680e349

  • SHA1

    ecff724ae87c7678d2a2acab0a6c9beaf80c29b6

  • SHA256

    e1d6fa7331003a1218c5bed0ea07ee1da0029270ea8493435230c8d4587038c2

  • SHA512

    f9eb6c6c0abbea8bf7c7584918eb60e2603b20b64cb66085b7e7aba5e9511c58e329754961a3b98aa481be36dce8ca9c23ee35b3141190865ea3d92e5b16d55a

  • SSDEEP

    192:dTHLxX7777/77QF7KXyrp0Lod4BYCIp/hOAyXFET:dTr5HY4C0+CIp/hOAyXFK

Score
10/10
redlinezgratinfostealerrat

Malware Config

Targets

    • Target

      redirect

    • Size

      6KB

    • MD5

      81c1b324d6bd1f0e100ac0d74680e349

    • SHA1

      ecff724ae87c7678d2a2acab0a6c9beaf80c29b6

    • SHA256

      e1d6fa7331003a1218c5bed0ea07ee1da0029270ea8493435230c8d4587038c2

    • SHA512

      f9eb6c6c0abbea8bf7c7584918eb60e2603b20b64cb66085b7e7aba5e9511c58e329754961a3b98aa481be36dce8ca9c23ee35b3141190865ea3d92e5b16d55a

    • SSDEEP

      192:dTHLxX7777/77QF7KXyrp0Lod4BYCIp/hOAyXFET:dTr5HY4C0+CIp/hOAyXFK

    Score
    10/10
    redlinezgratinfostealerrat

    • Detect ZGRat V1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks