General
-
Target
214f529610a21cac472953e9fedcfd97dab4157cc4728e0359d0c8b43eec4e83.exe
-
Size
823KB
-
Sample
250124-va3xtaxqcs
-
MD5
cb969a52c9e39af129f9576a50ba4b3b
-
SHA1
7e7b5375e96f75908a27e902063d8361e609fcf9
-
SHA256
214f529610a21cac472953e9fedcfd97dab4157cc4728e0359d0c8b43eec4e83
-
SHA512
635b37e227d4b68ab20468f7e250ff5354e1ab974a2e1112af7cdc4b366efb60f848958a5992c2ce0a52a13514f16bcffa327ce962db9c77534d00c287b5d15f
-
SSDEEP
12288:RIn4OoL0imc1pBWMmeeCWOxdI+uTi1chp/gj8pz5pfGBT68siS:xr0x6MeAmmrFfG96r
Static task
static1
Behavioral task
behavioral1
Sample
214f529610a21cac472953e9fedcfd97dab4157cc4728e0359d0c8b43eec4e83.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
214f529610a21cac472953e9fedcfd97dab4157cc4728e0359d0c8b43eec4e83.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
214f529610a21cac472953e9fedcfd97dab4157cc4728e0359d0c8b43eec4e83.exe
-
Score
10/10
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Eternity family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-