General
Target: 278e8330f82d841022731af21c5a9dbaea42147855123dc25774fa9569d065a4
Size: 2.8MB
Sample: 220215-r6vdrshdak
MD5: 422537dfba1fc37e8581a376995ab779
SHA1: 7b1eb52f277fa3512c7cb1379f6ee4da6372b01b
SHA256: 278e8330f82d841022731af21c5a9dbaea42147855123dc25774fa9569d065a4
SHA512: c8eaf7a56a4401cb3182cf55a07db1dfe36fb5a459a6f6e28879d5e26a8742971d54aab78ed1f8a6a7c9220d6a19ba28cd7286027ceae8ae86526bba0468d0c6
Static task: static1
Behavioral task: behavioral1
  Sample: 278e8330f82d841022731af21c5a9dbaea42147855123dc25774fa9569d065a4.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 278e8330f82d841022731af21c5a9dbaea42147855123dc25774fa9569d065a4.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 278e8330f82d841022731af21c5a9dbaea42147855123dc25774fa9569d065a4 (2.8MB; MD5/SHA1/SHA256/SHA512 as listed under General above)
Score: 10/10
RedLine
RedLine Stealer is a .NET information-stealer family written in C#, first seen in early 2020; it harvests browser credentials, cookies, saved form data and cryptocurrency-wallet files from the infected host and exfiltrates them to a remote panel.
RedLine Payload
Identifies VirtualBox via ACPI registry values (likely anti-VM)
  VirtualBox's firmware reports ACPI tables with the OEM ID VBOX__, which Windows mirrors as registry keys such as HKLM\HARDWARE\ACPI\DSDT\VBOX__ (with FADT and RSDT siblings); opening those keys succeeds only inside VirtualBox, so the lookup is a cheap hypervisor check.
Checks BIOS information in registry
  BIOS information (HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion, VideoBiosVersion and SystemBiosDate) is often read in order to detect sandboxing environments, because virtualised hosts return vendor strings such as VBOX, VMware or QEMU where physical machines return the OEM's firmware identifiers.
Suspicious use of NtSetInformationThreadHideFromDebugger
  NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) tells the kernel to stop delivering that thread's debug events to an attached debugger; benign software almost never calls it, so its presence is a strong anti-debugging indicator.
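As an added example that is not part of the sandbox report or of the RedLine sample itself, the following Python scanner applies the three behavioural signatures above to an API-call trace. The trace lines are constructed for the example, and the registry paths and information-class value are my rendering of what those signatures key on, not the sandbox's actual rule definitions.

```python
"""Flag the anti-VM, anti-sandbox and anti-debug behaviours from the report in an
API-call trace. Example code written for this page (not the sandbox's rule set);
the trace is constructed and the matching rules approximate the named signatures."""
import re

# Registry paths that betray a hypervisor or sandbox when read. VBOX__ is the ACPI
# OEM ID VirtualBox's firmware reports; the BIOS keys hold strings like
# "VBOX   - 1" or "VMware" inside a VM.
ACPI_VBOX = re.compile(r"\\hardware\\acpi\\(dsdt|fadt|rsdt)\\vbox__", re.I)
BIOS_INFO = re.compile(
    r"\\hardware\\description\\system\\(systembiosversion|videobiosversion|systembiosdate)",
    re.I,
)
THREAD_HIDE_FROM_DEBUGGER = 0x11  # ThreadHideFromDebugger information class

# Constructed trace lines in the shape "<api>(<args>)"; not captured from the sample.
SAMPLE_TRACE = """
RegOpenKeyExW(HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion)
RegOpenKeyExW(HKLM\\HARDWARE\\ACPI\\DSDT\\VBOX__)
RegQueryValueExW(HKLM\\HARDWARE\\DESCRIPTION\\System\\SystemBiosVersion)
RegQueryValueExW(HKLM\\HARDWARE\\DESCRIPTION\\System\\VideoBiosVersion)
NtSetInformationThread(ThreadHandle=0x1a4, ThreadInformationClass=0x11, Length=0)
NtSetInformationThread(ThreadHandle=0x1a8, ThreadInformationClass=0x9, Length=4)
CreateFileW(C:\\Users\\Public\\out.tmp)
""".strip().splitlines()

CALL_RE = re.compile(r"^(?P<api>\w+)\((?P<args>.*)\)$")


def classify(line):
    """Return the signature name a single trace line matches, or None."""
    m = CALL_RE.match(line.strip())
    if not m:
        return None
    api, args = m.group("api"), m.group("args")
    if api.startswith("Reg"):
        if ACPI_VBOX.search(args):
            return "Identifies VirtualBox via ACPI registry values"
        if BIOS_INFO.search(args):
            return "Checks BIOS information in registry"
    if api == "NtSetInformationThread":
        # Accept the class in hex or decimal; only class 0x11 is the debugger-hiding one.
        cls = re.search(r"ThreadInformationClass=(0x[0-9a-fA-F]+|\d+)", args)
        if cls and int(cls.group(1), 0) == THREAD_HIDE_FROM_DEBUGGER:
            return "Suspicious use of NtSetInformationThreadHideFromDebugger"
    return None


def scan(lines):
    """Map each fired signature to the trace lines that triggered it."""
    hits = {}
    for line in lines:
        sig = classify(line)
        if sig:
            hits.setdefault(sig, []).append(line.strip())
    return hits


if __name__ == "__main__":
    for sig, lines in scan(SAMPLE_TRACE).items():
        print(f"[+] {sig}")
        for hit in lines:
            print(f"      {hit}")
```

Ordinary registry reads and other NtSetInformationThread classes (such as 0x9, ThreadPriority-style calls) fall through without a hit, which is the point: the signal is the specific key or information class, not the API name alone.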