General
Target: 291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca
Size: 2.6MB
Sample: 210228-lxqkflmh4j
MD5: 7d5efe07472bd441a9d6b3eefc33008f
SHA1: bd2d32b6b2145489eb7cf1371315bf97661e7f86
SHA256: 291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca
SHA512: 49e87152870ddecfc8695fce4d6c81d0bab0889be26c85a3b14b0abf1f60cb848f63c244fde55266c72d58ac1a2c7e38e633b828e8177dc64fbda2c8e003c7bb
Behavioral task behavioral1
Sample: 291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca.exe
Resource: win7v20201028

Behavioral task behavioral2
Sample: 291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca.exe
Resource: win10v20201028
Malware Config
Targets
Target: 291fb9999009b5cb5e1ce39a6c58472291cdaaaeeea56beb6a4d0b7925574dca
Size: 2.6MB
MD5, SHA1, SHA256 and SHA512: identical to the values listed under General above
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Identifies VirtualBox via ACPI registry values (likely anti-VM)
VirtualBox stamps its OEM ID into the ACPI tables it presents to the guest, so Windows exposes a VBOX__ subkey under HKLM\HARDWARE\ACPI\DSDT, FADT and RSDT. Opening or enumerating those keys has no purpose for ordinary software and is a common virtual-machine check.

Checks BIOS information in registry
BIOS information (for example SystemBiosVersion and VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System) is often read in order to detect sandboxing environments, since hypervisors fill these strings with recognisable vendor names. Legitimate software reads the same values, so on its own this signature is weaker evidence than the ACPI check.
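The two anti-analysis signatures above can be reproduced as detection logic over registry-access telemetry. The following is an added example, not part of the sandbox report or of the sample: it classifies Procmon- or Sysmon-style registry events (constructed here inline, not captured from this sample) against the VirtualBox ACPI keys and the BIOS description values, and additionally checks whether a returned BIOS string itself names a hypervisor. Event field names (process, op, path, value) are an assumption of this example.

```python
"""Flag registry reads matching the report's two anti-analysis signatures:
VirtualBox ACPI table keys and BIOS description values.  Works purely on
event records; nothing here touches a live registry."""
import re

# VirtualBox reports the OEM ID "VBOX  " in its ACPI tables, which Windows
# surfaces as a VBOX__ subkey under each table.  Reading these keys is what
# the "Identifies VirtualBox via ACPI registry values" signature flags.
ACPI_VBOX_RE = re.compile(
    r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__(\\|$)", re.IGNORECASE
)

# BIOS description values that hypervisors populate with vendor strings.
# Reading them is what the "Checks BIOS information in registry" signature flags.
BIOS_RE = re.compile(
    r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\("
    r"SystemBiosVersion|VideoBiosVersion|SystemBiosDate|"
    r"BIOS\\(SystemManufacturer|SystemProductName|BIOSVendor|BIOSVersion))$",
    re.IGNORECASE,
)

# Substrings that give a virtual machine away when they appear in BIOS strings.
VM_MARKERS = ("vbox", "virtualbox", "innotek", "vmware", "qemu", "bochs", "xen")

SIG_ACPI = "anti-vm: VirtualBox ACPI table"
SIG_BIOS = "anti-sandbox: BIOS information"


def classify_registry_access(path):
    """Map one registry path to the signature it would trigger, or None."""
    p = path.replace("HKEY_LOCAL_MACHINE", "HKLM")
    if ACPI_VBOX_RE.match(p):
        return SIG_ACPI
    if BIOS_RE.match(p):
        return SIG_BIOS
    return None


def value_looks_virtual(value):
    """True if a BIOS string contains a known hypervisor marker."""
    lv = value.lower()
    return any(m in lv for m in VM_MARKERS)


def report(events):
    """Group triggered signatures by process.  Each entry also records the
    BIOS values that themselves named a hypervisor, which is the stronger
    indicator: reading the key is common, reading it in a VM is what matters."""
    out = {}
    for ev in events:
        sig = classify_registry_access(ev["path"])
        if sig is None:
            continue
        entry = out.setdefault(ev["process"], {"signatures": set(), "vm_values": []})
        entry["signatures"].add(sig)
        if value_looks_virtual(ev.get("value", "")):
            entry["vm_values"].append(ev["value"])
    return out


# Constructed sample events for this example (not telemetry from the report).
# The explorer.exe line shows why the BIOS signature alone is low confidence.
SAMPLE_EVENTS = [
    {"process": "sample.exe", "op": "RegOpenKey",
     "path": r"HKLM\HARDWARE\ACPI\DSDT\VBOX__", "value": ""},
    {"process": "sample.exe", "op": "RegQueryValue",
     "path": r"HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion",
     "value": "VBOX   - 1"},
    {"process": "sample.exe", "op": "RegQueryValue",
     "path": r"HKLM\HARDWARE\DESCRIPTION\System\VideoBiosVersion",
     "value": "Oracle VM VirtualBox VBE BIOS"},
    {"process": "sample.exe", "op": "RegQueryValue",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName",
     "value": "Windows 10 Pro"},
    {"process": "explorer.exe", "op": "RegQueryValue",
     "path": r"HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer",
     "value": "Dell Inc."},
]

if __name__ == "__main__":
    for proc, entry in report(SAMPLE_EVENTS).items():
        print(proc, sorted(entry["signatures"]), entry["vm_values"])
```

Run against the constructed events, sample.exe triggers both signatures and two of its BIOS reads return VirtualBox strings, while explorer.exe triggers only the BIOS signature with a physical-vendor value; a rule that alerts on the ACPI key, or on a BIOS read whose returned value names a hypervisor, separates the two.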