General
- Target: ba49a2b836fa3abe640fd5c32398796d4d497910cbeb0d53e20ccaf5f361ee7a
- Size: 226.7MB
- Sample: 241110-3wjp3axkhy
- MD5: e93f9a844ecab1a07d2e3a10da3b67e6
- SHA1: 3a1b0a3114398396c4cee39031088ce814055239
- SHA256: ba49a2b836fa3abe640fd5c32398796d4d497910cbeb0d53e20ccaf5f361ee7a
- SHA512: ae6ca85d45a11ef43d65fd53f99a0eb1072c38f45edea0d7e172abc4859413b9584b46ecccfa16c522e4be785a78f1c50737b636cd6c6381cc1153962b67fe4f
- SSDEEP: 6291456:KaF+tDeLK7pnDfiEq4HSBpJw7R2LgcyD3VimNArIeEg+sf:Ka2DeLunGf4HEb0pV3Vi8g+o

Static task
- static1

Behavioral tasks
- behavioral1: Adobe Photoshop/Adobe 2022/autorun.dll (resource: win7-20240903-en)
- behavioral2: Adobe Photoshop/Adobe 2022/autorun.dll (resource: win10v2004-20241007-en)
- behavioral3: AdobeIPCBroker.exe (resource: win7-20240729-en)
- behavioral4: AdobeIPCBroker.exe (resource: win10v2004-20241007-en)
- behavioral5: customhook/AdobeIPCBrokerCustomHook.exe (resource: win7-20240903-en)
- behavioral6: customhook/AdobeIPCBrokerCustomHook.exe (resource: win10v2004-20241007-en)
- behavioral7: Adobe Photoshop/Adobe 2022/resources/AdobePIM.dll (resource: win7-20240903-en)
- behavioral8: Adobe Photoshop/Adobe 2022/resources/AdobePIM.dll (resource: win10v2004-20241007-en)
- behavioral9: Adobe Photoshop/Adobe 2022/resources/carousel/carousel.js (resource: win7-20241010-en)
- behavioral10: Adobe Photoshop/Adobe 2022/resources/carousel/carousel.js (resource: win10v2004-20241007-en)
- behavioral11: Adobe Photoshop/Adobe 2022/resources/carousel/index.html (resource: win7-20240903-en)
- behavioral12: Adobe Photoshop/Adobe 2022/resources/carousel/index.html (resource: win10v2004-20241007-en)
- behavioral13: Adobe Photoshop/Adobe 2022/resources/carousel/lib/jquery.min.js (resource: win7-20240903-en)
- behavioral14: Adobe Photoshop/Adobe 2022/resources/carousel/lib/jquery.min.js (resource: win10v2004-20241007-en)
- behavioral15: Adobe Photoshop/Adobe Photoshop.exe (resource: win7-20240903-en)
- behavioral16: Adobe Photoshop/Adobe Photoshop.exe (resource: win10v2004-20241007-en)
- behavioral17: Adobe Photoshop/fonts/jailbreak.dll (resource: win10v2004-20241007-en)
- behavioral18: Adobe Photoshop/fonts/usbhelper.dll (resource: win10v2004-20241007-en)
- behavioral19: Adobe Photoshop/fonts/win-core.dll (resource: win7-20240708-en)
- behavioral20: Adobe Photoshop/fonts/win-core.dll (resource: win10v2004-20241007-en)

Malware Config
Extracted
- Family: redline
- Botnet: 5623257544_99
- C2: mechanikal.top:3306
- C2: mechanikal.top:28786
- auth_value: a16f7ef3f77cf52053690cf937a7edaa

Targets

Target: Adobe Photoshop/Adobe 2022/autorun.ini
- Size: 41KB
- MD5: 768e8d12b251166d1a11d6e1075569a4
- SHA1: 1d9cca2a579fe2a966ae3ef6b08c81fbf43c1d5e
- SHA256: cbf448b2066433129b505eddd0d62b2e5802aecf4d282f43268a07d9e55eb321
- SHA512: b875b25efbb7f9298c3cbd992df8dbf6036cbc44224d30ea758e9af0ec73253843a19ba173e376fa1a5ba29b50363d09f1583f5d377577a1ee9cf80701312d7d
- SSDEEP: 768:EwUJmdMeVF6u4JaRngtG5hzod2NUDXSiJr2Qua1zhVvVaXLkjWz:EwUJPeVFBRn/62NUDXSiVNuaxhx0Dz
- Score: 3/10

Target: AdobeIPCBroker.exe
- Size: 1.0MB
- MD5: 2281dffdb1988937b6c9d30128e64b42
- SHA1: 549c86e215b80f67a036fa93304fcb367e0f346d
- SHA256: 99557b43cd337e46afab2d277fc0e8cfe668241780e68dd4c88c9099f65c809b
- SHA512: 8bbc920054c842d6bb8ba5e3e5896dff6c56a6662a35dcde952a4a4b68d726352d9ffbee8734590214e6c640332d913a63802a2aed666794d4554c03f592be31
- SSDEEP: 24576:9PHeMy8QQGeQrRUm7KAd6JtFMGFWwa5iksXSGBwKMDHreO9w7chAd:ZbhSnKAwCWjMmXtgBwp
- Score: 3/10

Target: customhook/AdobeIPCBrokerCustomHook.exe
- Size: 197KB
- MD5: 64100ce9dd9e670e28a487aabe7c1241
- SHA1: 4ac3eeb414d7d8d1c80b8644e445d2684991150f
- SHA256: e97c8ed6d6c95556c11f73149a54b759548fd144e23f320ffa573709db9ccba7
- SHA512: 8527b9df907e98f0e810583cb1e64b7f8486e540daea5a7c0052e96d94516290eeb4f22163ed16b17006974d407132565e2c48d653ba385ab86857c0290d7cef
- SSDEEP: 3072:cjetgAXQLGOyYJI++TNHWtGm7B8xOVafniAg0Fujo+LXV5trbcCy:cjeAy+UN2t3AOb35bcCy
- Score: 3/10

Target: Adobe Photoshop/Adobe 2022/resources/AdobePIM.dll
- Size: 2.1MB
- MD5: 7efc2b6852333d9ebac124d4844ba2af
- SHA1: 23c4a09cd6a63850c94109b7b8cbbc197f38931d
- SHA256: 7917708a9f343067e01242423eaa73ae981e20ce07ace6274fdcc71ee2b03b51
- SHA512: 0f9448baa5d1988c14e9b887fcf0491ad49bbdcb808d430a78e78de0e0cfa7a459988dde1a1e58413e621fc732af940a2d6d921a9d599dc495ace4e55f749c48
- SSDEEP: 49152:vDMuoV5iuRXAySHAf5rXXqEkZd78HGP1zQTThZOq1MSGY:vIuoVZDPrXXqEkZd78Hvyl4
- Score: 4/10

Target: Adobe Photoshop/Adobe 2022/resources/carousel/carousel.js
- Size: 2KB
- MD5: c728f39895d885d416ed009e68a43709
- SHA1: 761eafe80f3175a17a4eed9b2c53fbf7a35c8149
- SHA256: ccf6c5f519b13ff9b8e4580a53bd0e57f10e00c1e6240c95e0bd2c28c45e0735
- SHA512: 6f176fd9652646f73a6be84ebffb6a384a87b1305745ce9e5d6d79ea1c1512705552af62a4c2cbfe481335cad69715cc265ba7dbb4087caefdb8333e45195e0f
- Score: 3/10

Target: Adobe Photoshop/Adobe 2022/resources/carousel/index.html
- Size: 1KB
- MD5: 5587d0aaf5f5b87aebc43fad35b31b7a
- SHA1: 49ca26fdfb6eadacd4089b1684bbc6b573c96936
- SHA256: d232db2f53be8dedd48ece25d2c6aec604a192421744c9d0ce7574a172fa0a9b
- SHA512: e9e54f6fa57c80e776cea8f6a40dedfbd2fadd4c329c37890a06652475b2f2f2695a51d893c8b253e4ce427624ebe82cbc03ccb494410e39f78d56acff960cef
- Score: 3/10

Target: Adobe Photoshop/Adobe 2022/resources/carousel/lib/jquery.min.js
- Size: 91KB
- MD5: e1288116312e4728f98923c79b034b67
- SHA1: 8b6babff47b8a9793f37036fd1b1a3ad41d38423
- SHA256: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
- SHA512: bf28a9a446e50639a9592d7651f89511fc4e583e213f20a0dff3a44e1a7d73ceefdb6597db121c7742bde92410a27d83d92e2e86466858a19803e72a168e5656
- SSDEEP: 1536:96IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:v+vIklosn/BLXjxzMhsSQ
- Score: 3/10

Target: Adobe Photoshop/Adobe Photoshop.exe
- Size: 676.9MB
- MD5: 2ded5fcb43860c72002d99c9fe2fbc2f
- SHA1: c4754ba46ab5799468032a500dd1af2b6dfa439a
- SHA256: b9628087374864e7b15d7bbc8a389f3af6a056d2bb1f54e3df74371de74a83a9
- SHA512: e774e4c4faef9fb5cd6ea06bc8676f4611cbe00497c599edc4ca0edb4d2595df0355cf50f9c46468850ec0fb99d7bf1208e390b9b75723b58486fdb97cd0e0cf
- SSDEEP: 3072:OCH7v9lmvbpfyayDdbxJVGJw04FDeinuMtRkG2hmKV:OK7Fglry5bx84FDeiu42bV
- Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext

Target: Adobe Photoshop/fonts/jailbreak.dll
- Size: 90KB
- MD5: 3311f69d3894a7453fd23a505b5093d3
- SHA1: a9bbecda9ef5ad4ea7ce1058b783d90ad58799ac
- SHA256: ca77ab898a5181cfb07a2011583a2f43374f517b3c80d5cd05f033467a562302
- SHA512: 78775a24fc3da5ff947548a3ecf78b33f780d07280847bf9a18687450f45f63f5e3179c00fdb0227e16ac49a5b0572e4eff2676c901b28dde0e514bb8cd00ee5
- SSDEEP: 1536:1edILJQtthcQJB/uJ7+0glW7Rl30s6Sc6GvtaDBH1dvNIUo//xFAxkZa+oP7fqDo:1edIkhxGJ56SOtaDBpIwGhGF
- Score: 1/10

Target: Adobe Photoshop/fonts/usbhelper.dll
- Size: 177KB
- MD5: 18889e99b337bb6797bd8f54d3f23bf7
- SHA1: 89780b93bf19bbed3f47993d27658ded87630792
- SHA256: 3219dadccbacfd68e2c1a211acd407035f92b909b6ff847f7db18e908a08b7a1
- SHA512: a25b522a774e2c72f70c730711a1f785841965032bf66e0f4065572c439dd06fdbb88bd1d6fbeb97cd354ecca057683f6bf753c34d0f6d360faaf7f14c80c949
- SSDEEP: 3072:KssBi5Bloa4fIsaeWyBLLomzW4rZfFKw+tCfGH3UNeexiQMl7ZMWq/TlqaCUFW0:HYa46eWyBLXW8VeUizb1aa0
- Score: 3/10

Target: Adobe Photoshop/fonts/win-core.dll
- Size: 41KB
- MD5: 768e8d12b251166d1a11d6e1075569a4
- SHA1: 1d9cca2a579fe2a966ae3ef6b08c81fbf43c1d5e
- SHA256: cbf448b2066433129b505eddd0d62b2e5802aecf4d282f43268a07d9e55eb321
- SHA512: b875b25efbb7f9298c3cbd992df8dbf6036cbc44224d30ea758e9af0ec73253843a19ba173e376fa1a5ba29b50363d09f1583f5d377577a1ee9cf80701312d7d
- SSDEEP: 768:EwUJmdMeVF6u4JaRngtG5hzod2NUDXSiJr2Qua1zhVvVaXLkjWz:EwUJPeVFBRn/62NUDXSiVNuaxhx0Dz
- Score: 3/10