General
Target: 323053004bc09e79c9679121caeb0c5b83c98918922c38a8f585102f60d34655
Size: 2.7MB
Sample: 220215-rt1d9ahbeq
MD5: 6199c715751419cc9b62e8682b45cc53
SHA1: 0b56648ffcfbb582fb5f8d76359277b34536d8ba
SHA256: 323053004bc09e79c9679121caeb0c5b83c98918922c38a8f585102f60d34655
SHA512: c94e3be8a1a1034c9a7c9bef38a9d0a0e82d901dc406c1f0d7a900ea8f6ae667d4bca654f4b2536bb47e15785d37ce48b0537748dea42e6544dd5eb4ee3c514d
Static task: static1
Behavioral task: behavioral1
Sample: 323053004bc09e79c9679121caeb0c5b83c98918922c38a8f585102f60d34655.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 323053004bc09e79c9679121caeb0c5b83c98918922c38a8f585102f60d34655.exe
Resource: win10v2004-en-20220113
Malware Config: (none shown in this report)

Targets
Target: 323053004bc09e79c9679121caeb0c5b83c98918922c38a8f585102f60d34655
Size: 2.7MB
(MD5, SHA1, SHA256 and SHA512 are identical to the General section above; the target is the submitted sample itself.)
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine Payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM). Windows exposes the ACPI table OEM ID under HKLM\HARDWARE\ACPI\DSDT, \FADT and \RSDT; on a VirtualBox guest that ID is VBOX__, which has no counterpart on physical hardware.
- Checks BIOS information in registry. Values under HKLM\HARDWARE\DESCRIPTION\System\BIOS (SystemManufacturer, SystemProductName, BIOSVendor) carry the hypervisor's vendor strings, which is why BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger. Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the thread from delivering debug events to an attached debugger, a common anti-debugging technique.

Only the "RedLine Payload" signature is family-specific; the other three are generic anti-VM and anti-debug behaviours that packers and some legitimate software also exhibit, so they support the verdict rather than establish it on their own.
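As an added example (not part of the sandbox report, and not RedLine's or the sandbox's own code), the following Python re-implements the three anti-analysis signatures above as detection logic over a constructed registry/API trace. The trace line format, the sample lines and the helper names are assumptions made for this example; the registry paths and the 0x11 information class are the real values those checks use.

```python
import re

# Registry locations behind the two anti-VM signatures in the report.
# HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__ is created from VirtualBox's
# ACPI OEM ID and has no counterpart on physical hardware.
VBOX_ACPI_RE = re.compile(r"\\HARDWARE\\ACPI\\(?:DSDT|FADT|RSDT)\\VBOX__", re.I)
# Values under HKLM\HARDWARE\DESCRIPTION\System\BIOS (SystemManufacturer,
# SystemProductName, BIOSVendor, ...) carry the hypervisor's vendor strings.
BIOS_KEY_RE = re.compile(r"\\HARDWARE\\DESCRIPTION\\System\\BIOS(?:\\|$)", re.I)
# THREADINFOCLASS value for ThreadHideFromDebugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

SIG_VBOX = "Identifies VirtualBox via ACPI registry values"
SIG_BIOS = "Checks BIOS information in registry"
SIG_HIDE = "Suspicious use of NtSetInformationThreadHideFromDebugger"

# Assumed trace format for this example (not the sandbox's real schema):
#   REG <op> <key\path>
#   API <name> key=value key=value ...
REG_LINE = re.compile(r"^REG\s+(\w+)\s+(\S+)$")
API_LINE = re.compile(r"^API\s+(\w+)\s*(.*)$")


def parse_line(line):
    """Parse one trace line into an event dict; return None for unknown lines."""
    line = line.strip()
    m = REG_LINE.match(line)
    if m:
        return {"type": "registry", "op": m.group(1), "path": m.group(2)}
    m = API_LINE.match(line)
    if m:
        args = {}
        for kv in m.group(2).split():
            k, _, v = kv.partition("=")
            numeric = v.lower().startswith("0x") or v.lstrip("-").isdigit()
            args[k] = int(v, 0) if numeric else v
        return {"type": "api", "name": m.group(1), "args": args}
    return None


def match_event(ev):
    """Return the signature an event triggers, or None."""
    if ev["type"] == "registry":
        if VBOX_ACPI_RE.search(ev["path"]):
            return SIG_VBOX
        if BIOS_KEY_RE.search(ev["path"]):
            return SIG_BIOS
    elif ev["type"] == "api" and ev["name"] == "NtSetInformationThread":
        # Only information class 0x11 is the anti-debug case; other classes
        # (e.g. 0x2 ThreadPriority) are routine and must not fire.
        if ev["args"].get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER:
            return SIG_HIDE
    return None


def scan(lines):
    """Map each triggered signature to the trace lines that triggered it."""
    hits = {}
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        sig = match_event(ev)
        if sig:
            hits.setdefault(sig, []).append(line.strip())
    return hits


# Constructed sample trace: three evasion checks plus benign noise.
SAMPLE_TRACE = [
    r"REG QueryValue HKLM\HARDWARE\ACPI\DSDT\VBOX__",
    r"REG QueryValue HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer",
    r"REG QueryValue HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName",
    r"API NtSetInformationThread ThreadHandle=0xfffffffe ThreadInformationClass=0x11",
    r"REG QueryValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"API NtSetInformationThread ThreadHandle=0xfffffffe ThreadInformationClass=0x2",
    r"NET connect 203.0.113.10:80",
]

if __name__ == "__main__":
    for sig, evidence in scan(SAMPLE_TRACE).items():
        print(f"[{sig}]")
        for line in evidence:
            print("    " + line)
```

The BIOS-key hit alone is weak evidence (installers and licensing code read the same values); in practice it is worth reporting only alongside a hypervisor-specific hit such as the VBOX__ lookup or an anti-debug call.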