General
Target: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1
Size: 3.2MB
Sample: 220215-e8sxhaccfp
MD5: 30bc76492b074d916332842f9d95ad8c
SHA1: 04d4c440626748a77753857485b521ad49435850
SHA256: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1
SHA512: 30243c0a30891f75a29250177f105d1e3d903550f4050ae3ff9d5e01ddb94e6009a9a30198d5d252c62305036a932584f1a1baa8a9ef56db8a1fb99a5d6971b4
Static task: static1
Behavioral task: behavioral1
  Sample: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1
Size: 3.2MB
MD5: 30bc76492b074d916332842f9d95ad8c
SHA1: 04d4c440626748a77753857485b521ad49435850
SHA256: f8614450b74d481b439c39883c35e6fcf06dced40f1b81fabb70d32aa6b901c1
SHA512: 30243c0a30891f75a29250177f105d1e3d903550f4050ae3ff9d5e01ddb94e6009a9a30198d5d252c62305036a932584f1a1baa8a9ef56db8a1fb99a5d6971b4
Score: 10/10
Signatures
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger