General
-
Target
Moon.Spoofer.7z
-
Size
157KB
-
Sample
240701-rzvqys1amj
-
MD5
f30719204fb7f43d8421fc4556d9c1ff
-
SHA1
31f69adc62c1cc6df0c88fba1a3073c7ee079034
-
SHA256
cbac1b913ad3d2738a5d5e4b2c0be68d574ca27877fe793f471ac02b52770c17
-
SHA512
e0453684a6ae98300b686ef9cbd98d0514bcb3d77edb1cea747645b85b2ff98410a0efb857bbcb03bebe249d67fbbcb37030028f318887c64a0424d9710ac66f
-
SSDEEP
3072:XNsAPwYmerW0BMy7Qm7abHjl/67eRtmtiLrOz5MGnIphGtq7oh:dsAoZeWdXRqe2U3O9MwIHGtq7oh
Static task
static1
Behavioral task
behavioral1
Sample
Moon Spoofer/Moon Spoofer/spoofer.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
Moon Spoofer/Moon Spoofer/spoofer.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
https://rentry.org/pancek61111111111111/raw
Targets
-
-
Target
Moon Spoofer/Moon Spoofer/spoofer.exe
-
Size
8KB
-
MD5
4fbb04c9e3aa983cbfc4980a7b5b7041
-
SHA1
34aeca658462e638521bc384a4935251678a9a78
-
SHA256
24f095f4f5796561cc9f9c60f71a2182fee89692f239c92e7447af3461e12731
-
SHA512
615534039ad97fea8c881656a53b6b0ead41e3770e0a3f3cd38052585dc5a102ab25b824c59c3142b75f6b62e56ff46ab981e27c889ded28a5cc2884581863bc
-
SSDEEP
192:Gh9Lz2jG4pFMYqLDQ1bhxZzzzhGjcJr9emxan6+UqawcTnYPvkVNxdpD:Gh9Liy4kLDQHtGjcJrQmxan6+/xcTnYg
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Blocklisted process makes network request
-
Legitimate hosting services abused for malware hosting/C2
-