General
-
Target
SPECIFICHE TECNICHE PER LA FORNITURA DI ATTREZZATURE.exe
-
Size
1.9MB
-
Sample
240801-pkfx5szgnm
-
MD5
af951609aa80d5de83f9a02db46bd8cc
-
SHA1
cdac52bb244e70b48d3d414f451bb0b4de1c4f8e
-
SHA256
fae7035785c175dcad0c51146ce8c55fbf0d9f09380c2a20a52b4bdc67205030
-
SHA512
bcdf5c251155172f953955c534cee9cacf897bc1c71d78abbe36630b795d50041c65037413aee191e25d29c6a4d5d6bc8640669cbf83def15e368baf8ede3732
-
SSDEEP
12288:aUANuMn2d0FH5+fZMdgESJ7UP0+F1e9FMRr6A1:lANuMnNF8MevUPPF893A1
Static task
static1
Behavioral task
behavioral1
Sample
SPECIFICHE TECNICHE PER LA FORNITURA DI ATTREZZATURE.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
SPECIFICHE TECNICHE PER LA FORNITURA DI ATTREZZATURE.exe
Resource
win10v2004-20240730-en
Malware Config
Extracted
redline
lovato
57.128.132.216:55123
Targets
-
-
Target
SPECIFICHE TECNICHE PER LA FORNITURA DI ATTREZZATURE.exe
-
Size
1.9MB
-
MD5
af951609aa80d5de83f9a02db46bd8cc
-
SHA1
cdac52bb244e70b48d3d414f451bb0b4de1c4f8e
-
SHA256
fae7035785c175dcad0c51146ce8c55fbf0d9f09380c2a20a52b4bdc67205030
-
SHA512
bcdf5c251155172f953955c534cee9cacf897bc1c71d78abbe36630b795d50041c65037413aee191e25d29c6a4d5d6bc8640669cbf83def15e368baf8ede3732
-
SSDEEP
12288:aUANuMn2d0FH5+fZMdgESJ7UP0+F1e9FMRr6A1:lANuMnNF8MevUPPF893A1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-