General

- Target: Redengine Crack.exe
- Size: 17.0MB
- Sample: 240619-ke6t6a1hkr
- MD5: ab167bc1cb763ad2cfdfc86ee45b9f22
- SHA1: 03c9e4fe5f1b789adae9ea0f91789c8ad58aa10c
- SHA256: 2da8c55da46f148005b1b6eb5eaf231091b9f05ce4f73085abea04c242d77af4
- SHA512: f39cdba1aab81ee29ea44e21857abf5a51a70887ca476768a5abdcd38a721d2fd51915e356c925946d5837a749c4df7229c875b2efe5831f5c3ec4f2545b9d42
- SSDEEP: 393216:UxAhZ1FeREWOL2Vmd6m7/m3pz0GzajJBfrSsvItRzxFHkhy7Yc:Um7jeRayVmdRKDEJB2sQtxxFE8
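Before trusting the verdict below for a file you hold, confirm that the file is the object these hashes describe. The following is an added example (not part of the Triage report); it carries the report's MD5/SHA1/SHA256/SHA512 values and checks a file against all of them in one pass. SSDEEP is deliberately left out: it is a fuzzy similarity digest, needs the external ssdeep library, and is not an identity check. The empty buffer used when no path is supplied is a constructed stand-in.

```python
"""Confirm a file on disk is the sample a sandbox report describes.

Added example, not part of the Triage report. A report's verdict is only
meaningful for the object whose hashes it lists, so every algorithm in the
hash set is checked: a partial match (MD5 agrees, SHA256 does not) means an
inconsistent report or a tampered file and is treated as a mismatch.
"""
import hashlib

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Hash set copied from the report's General section.
REPORT_HASHES = {
    "md5": "ab167bc1cb763ad2cfdfc86ee45b9f22",
    "sha1": "03c9e4fe5f1b789adae9ea0f91789c8ad58aa10c",
    "sha256": "2da8c55da46f148005b1b6eb5eaf231091b9f05ce4f73085abea04c242d77af4",
    "sha512": "f39cdba1aab81ee29ea44e21857abf5a51a70887ca476768a5abdcd38a721d2f"
              "d51915e356c925946d5837a749c4df7229c875b2efe5831f5c3ec4f2545b9d42",
}


def digest_bytes(data, algorithms=ALGORITHMS):
    """Hash an in-memory buffer with every requested algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def digest_file(path, algorithms=ALGORITHMS, chunk=1 << 20):
    """Hash a file with every requested algorithm in a single pass over it."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual, expected):
    """Return (all_match, mismatches) for the algorithms named in expected.

    mismatches maps algorithm -> (expected, actual); an algorithm missing
    from actual is reported as a mismatch rather than silently skipped.
    """
    mismatches = {}
    for name, want in expected.items():
        got = actual.get(name)
        if got is None or got.lower() != want.lower():
            mismatches[name] = (want, got)
    return not mismatches, mismatches


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    # Constructed stand-in when no path is given: an empty buffer, which
    # must fail every comparison against the report.
    actual = digest_file(path) if path else digest_bytes(b"")
    ok, bad = compare(actual, REPORT_HASHES)
    if ok:
        print("same sample as the report")
    else:
        print("NOT the reported sample; mismatched: " + ", ".join(sorted(bad)))
```

Run it as `python verify.py "Redengine Crack.exe"`; anything short of a match on every algorithm means you are not looking at the sample the report scored.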
Behavioral tasks

- behavioral1: Redengine Crack.exe, resource win7-20231129-en
- behavioral2: Redengine Crack.exe, resource win10v2004-20240508-en
- behavioral3: main.pyc, resource win7-20240508-en
- behavioral4: main.pyc, resource win10v2004-20240508-en
Malware Config

Targets
Target: Redengine Crack.exe
- Size: 17.0MB
- MD5: ab167bc1cb763ad2cfdfc86ee45b9f22
- SHA1: 03c9e4fe5f1b789adae9ea0f91789c8ad58aa10c
- SHA256: 2da8c55da46f148005b1b6eb5eaf231091b9f05ce4f73085abea04c242d77af4
- SHA512: f39cdba1aab81ee29ea44e21857abf5a51a70887ca476768a5abdcd38a721d2fd51915e356c925946d5837a749c4df7229c875b2efe5831f5c3ec4f2545b9d42
- SSDEEP: 393216:UxAhZ1FeREWOL2Vmd6m7/m3pz0GzajJBfrSsvItRzxFHkhy7Yc:Um7jeRayVmdRKDEJB2sQtxxFE8

- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP. On its own this is weak evidence, since updaters and benign installers do the same, so it matters mainly in combination with the wallet access above.
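The two behaviours above are individually common in benign software, which is why the report treats them as weak signals; what makes them interesting is both coming from one process. The following is an added example, not part of the Triage report, of that correlation run over endpoint telemetry. The JSON event schema and the log lines are constructed for the example, and the wallet paths and IP-lookup hosts are common ones chosen as assumptions: the report does not name the wallet files touched or the lookup service used.

```python
"""Correlate wallet-file access and external-IP lookups per process.

Added example, not part of the Triage report. The event schema below is
constructed (pid, image, type, plus path or host); the wallet artefacts and
lookup hosts are assumptions, since the report names neither.
"""
import json
import re
from collections import defaultdict

# Illustrative wallet artefacts (assumed, not taken from the report).
WALLET_PATTERNS = [
    re.compile(p, re.IGNORECASE)
    for p in (
        r"\\Exodus\\exodus\.wallet\\",
        r"\\Electrum\\wallets\\",
        r"\\atomic\\Local Storage\\leveldb\\",
        r"\\Bitcoin\\wallet\.dat$",
        r"\\Local Extension Settings\\nkbihfbeogaeaoehlefnkodbefgpgknn\\",  # MetaMask
    )
]

# Illustrative external-IP services (assumed; the report does not name the one used).
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ifconfig.me", "icanhazip.com", "ip-api.com",
    "checkip.amazonaws.com", "ipinfo.io",
}


def classify_event(ev):
    """Map one event to 'wallet', 'iplookup' or None."""
    if ev.get("type") == "file_read":
        if any(p.search(ev.get("path", "")) for p in WALLET_PATTERNS):
            return "wallet"
    elif ev.get("type") in ("dns", "http"):
        if ev.get("host", "").lower() in IP_LOOKUP_HOSTS:
            return "iplookup"
    return None


def correlate(lines):
    """Group tagged events by pid and rate each process.

    A wallet application reading its own store, or an updater checking the
    external IP, each produce one signal and stay 'low'; only a process that
    shows both is rated 'high'.
    """
    tags = defaultdict(set)
    images = {}
    for line in lines:
        ev = json.loads(line)
        tag = classify_event(ev)
        if tag:
            tags[ev["pid"]].add(tag)
            images[ev["pid"]] = ev.get("image", "?")
    verdicts = {}
    for pid, seen in tags.items():
        level = "high" if {"wallet", "iplookup"} <= seen else "low"
        verdicts[pid] = {"image": images[pid], "signals": sorted(seen), "level": level}
    return verdicts


# Constructed telemetry: pid 4120 shows both behaviours; pid 7788 is a wallet
# app reading its own store and pid 9001 an updater checking its IP.
SAMPLE_LOG = [
    r'{"pid": 4120, "image": "C:\\Users\\u\\Downloads\\Redengine Crack.exe", "type": "file_read", "path": "C:\\Users\\u\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco"}',
    r'{"pid": 4120, "image": "C:\\Users\\u\\Downloads\\Redengine Crack.exe", "type": "file_read", "path": "C:\\Users\\u\\AppData\\Local\\Temp\\dropped.dll"}',
    r'{"pid": 4120, "image": "C:\\Users\\u\\Downloads\\Redengine Crack.exe", "type": "dns", "host": "api.ipify.org"}',
    r'{"pid": 7788, "image": "C:\\Users\\u\\AppData\\Local\\exodus\\Exodus.exe", "type": "file_read", "path": "C:\\Users\\u\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco"}',
    r'{"pid": 9001, "image": "C:\\Program Files\\Vendor\\updater.exe", "type": "http", "host": "checkip.amazonaws.com"}',
    r'{"pid": 9001, "image": "C:\\Program Files\\Vendor\\updater.exe", "type": "file_read", "path": "C:\\Program Files\\Vendor\\version.txt"}',
]

if __name__ == "__main__":
    for pid, v in sorted(correlate(SAMPLE_LOG).items()):
        print(pid, v["level"], v["image"], v["signals"])
```

The design choice is to score per process rather than per event: the wallet application and the updater each trip one rule and are left at low, while the process that reads a wallet store and then asks a public service for its own address is the one worth pulling for analysis.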
Target: main.pyc
- Size: 22KB
- MD5: e6238cb9a3b60dd096638f4f2d5ba762
- SHA1: 73cce38064ec658e98a15493da495a7ac0af1449
- SHA256: 7ed0bc63c96f84a177873bf9f772d175481dbb0e8cf30a62384ee0a707e2b005
- SHA512: a46309d6353904cb31d8aad90d8ab7950cc38b566abd99e0f28939f776d4cbe7cebba19e55b3507b02820de73687e588e34cc16108c844413d86cfcef62d85bd
- SSDEEP: 384:gT8E5sFcJcpMIWfG68Xph6E0y4c3Tz3zMz6HYBcqB3RMxCCWViCWLrgSy28ichmO:gTl5sFcdIWrYph6E0pc3TDIBGqBGtQ2+
Score: 3/10
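The second target, main.pyc, is compiled Python bytecode, and a 22KB .pyc can be triaged statically before anything is detonated. The following is an added example, not part of the Triage report and not the sample's code: it reads the PEP 552 header to learn which CPython built the file, and, when that matches the running interpreter, unmarshals the code object and walks it for referenced names and string constants. The keyword list and the stand-in source it is tested against are assumptions; the report does not disclose the sample's strings or the Python version that produced it.

```python
"""Static triage of a .pyc without executing it.

Added example, not part of the Triage report. marshal only round-trips code
objects from the same CPython version that wrote them, so the header magic
is decoded first; if it differs from the running interpreter the body is
skipped and the header tells you which version to run this under.
"""
import importlib.util
import marshal
import struct
import types

# Header magic (low 16 bits) for released CPython versions. 3.6 is listed for
# identification only: its header is 12 bytes, the 16-byte layout is 3.7+.
KNOWN_MAGIC = {3379: "3.6", 3394: "3.7", 3413: "3.8", 3425: "3.9",
               3439: "3.10", 3495: "3.11", 3531: "3.12"}

# Assumed keywords worth surfacing from a suspected stealer.
SUSPICIOUS = ("wallet", "exodus", "electrum", "metamask", "ipify", "ifconfig.me",
              "icanhazip", "discord.com/api/webhooks", "telegram")


def parse_header(data):
    """Decode the 16-byte PEP 552 header of a CPython 3.7+ .pyc."""
    if len(data) < 16 or data[2:4] != b"\r\n":
        raise ValueError("not a .pyc header")
    magic = struct.unpack("<H", data[:2])[0]
    flags, f1, f2 = struct.unpack("<III", data[4:16])
    hash_based = bool(flags & 1)  # bit 0: siphash of source instead of mtime/size
    return {
        "magic": magic,
        "version": KNOWN_MAGIC.get(magic, "unknown"),
        "hash_based": hash_based,
        "source_mtime": None if hash_based else f1,
        "source_size": None if hash_based else f2,
        "loadable_here": data[:4] == importlib.util.MAGIC_NUMBER,
    }


def walk_code(code):
    """Yield (names, string constants) for a code object and every nested one."""
    strings = set()
    for c in code.co_consts:
        if isinstance(c, str):
            strings.add(c)
        elif isinstance(c, (tuple, frozenset)):  # e.g. dict keys, import lists
            strings.update(s for s in c if isinstance(s, str))
    yield set(code.co_names), strings
    for c in code.co_consts:
        if isinstance(c, types.CodeType):
            yield from walk_code(c)


def triage_pyc(data):
    """Return header info plus referenced names and flagged string constants."""
    info = parse_header(data)
    names, strings = set(), set()
    if info["loadable_here"]:
        for n, s in walk_code(marshal.loads(data[16:])):
            names |= n
            strings |= s
    flagged = sorted(s for s in strings if any(k in s.lower() for k in SUSPICIOUS))
    return {"header": info, "names": sorted(names), "flagged_strings": flagged}


def build_pyc(source, filename="main.py"):
    """Compile source into .pyc bytes for the running interpreter (test input)."""
    code = compile(source, filename, "exec")
    header = importlib.util.MAGIC_NUMBER + struct.pack("<III", 0, 0, len(source))
    return header + marshal.dumps(code)


# Constructed stand-in for main.pyc; this is not the sample's code.
SAMPLE_SOURCE = '''
import os, json
from urllib.request import urlopen
def ip():
    return urlopen("https://api.ipify.org").read().decode()
def loot():
    p = os.path.join(os.environ["APPDATA"], "Exodus", "exodus.wallet")
    return json.dumps({"ip": ip(), "wallet": os.listdir(p)})
'''

if __name__ == "__main__":
    report = triage_pyc(build_pyc(SAMPLE_SOURCE))
    print(report["header"]["version"], report["names"], report["flagged_strings"])
```

On a real file, read it with `open(path, "rb").read()` and pass the bytes to `triage_pyc`; if `loadable_here` is False, the `version` field tells you which CPython to install before the body can be unmarshalled, which is also the version you want for any decompiler you run afterwards.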