General
-
Target
CrackLauncher.rar
-
Size
434KB
-
Sample
240705-sjy9washra
-
MD5
11752c15bd4e4e0976703afb5ae1f956
-
SHA1
93b190f262a9ec33f169aad44abe9c4f329a07d6
-
SHA256
58edde32d88774ffa1ef264a33d4409ba1ec7f3beacd4a513979b377ab2974e2
-
SHA512
79f2d66e64780891a6214249ee24cd804d55953c586409161e5f968111acc857ccde3cb9d726de9ba6bd0a0e62fa3f7c3bb65504e23ee4e58126f3a0a709c89a
-
SSDEEP
12288:HS6H41EAA3cIY72sDyp//oEbPYUPZvbStA:HSA4m3PG/Dk/lbPnPVbl
Static task
static1
Behavioral task
behavioral1
Sample
CrackLauncher.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
CrackLauncher.exe
-
Size
10.8MB
-
MD5
11d7977a419c86f7bd7ed4552202409a
-
SHA1
beecbe6595e0ac6e58f9e8b992af4b1d23d9feca
-
SHA256
5624211799c6a3b8f4db6a1c41f8133ecfe21beef359ea2bf314388c0ac6c97a
-
SHA512
04b6f0c91a1b57f782e8a070cc4d3e8326191e20e97cdc0821fbf2dc3d9930afacf5374f30e8e781a7d4ebd0ef7d0ec43c6df03bf93d1784591542b992824729
-
SSDEEP
24576:Lhvq1/79VuHnqDZ+WN59IW6z9OQEKZm+jWodEEYkMYog:FyL7/IW6z9OHQ
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-