General
-
Target
Redact-Setup-0.17.0.exe
-
Size
8.3MB
-
Sample
241109-qzq74ayjhl
-
MD5
1a2e40dd35088fc1f6d3e20b7752f6f3
-
SHA1
55f00dbcd36e602ee868bfd743489b62d932558f
-
SHA256
02577be2bd36691539020952018b01750a5a3a7741cacc641c7f6dbe67e07ede
-
SHA512
d9421c234f21bdaebb7f2a2b3c02e93b5c307beaec380600b47c3458e2030f171c1c787a0697711eb06f5f0a67bab4f193a9c1786303a35f4a88cb31e116ee65
-
SSDEEP
196608:nWuYowfI9jUCzi4H1qSiXLGVi7DMgpZASEyQ0VMwICEc/jB:GIHziK1piXLGVE4UrS0VJ9
Behavioral task
behavioral1
Sample
Redact-Setup-0.17.0.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-