General

Target: 48797d3f3c4b92917726443e39daa41081cf2efcf6fd311012bad4b590caef34
Size: 2.6MB
Sample: 220714-dfct5sdeb4
MD5: 8648920e1e7af16a4a22f8df9436921d
SHA1: 90ee3ca8ae0924d66929838836306568bb2cd19e
SHA256: 48797d3f3c4b92917726443e39daa41081cf2efcf6fd311012bad4b590caef34
SHA512: f3c9df7029a3d63e20490758071fbcc6d39c59961c80a93a0d921c284bc354059481741e251e70387c2d6ce6836feee99c79a33c8095323db31bb5bcdbcfdd7b
Static task: static1

Behavioral task: behavioral1
Sample: 48797d3f3c4b92917726443e39daa41081cf2efcf6fd311012bad4b590caef34.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: 48797d3f3c4b92917726443e39daa41081cf2efcf6fd311012bad4b590caef34.exe
Resource: win10v2004-20220414-en
Malware Config

Targets

Target: 48797d3f3c4b92917726443e39daa41081cf2efcf6fd311012bad4b590caef34
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger
NtSetInformationThread with the ThreadHideFromDebugger class (0x11) stops the calling thread from delivering debug events to an attached debugger, a common anti-debugging technique.
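The three anti-analysis signatures above are the kind of behaviour a sandbox derives from an API trace. What follows is an added example, not part of the original report and not any sandbox's own code: a small Python classifier that runs over a constructed, hypothetical trace and raises the same three signatures. The event format is assumed (API name plus resolved arguments, registry handles already mapped to full HKLM\... paths). The registry locations it keys on are the standard VirtualBox ACPI table keys (HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__) and the BIOS strings under HKLM\HARDWARE\DESCRIPTION\System; ThreadHideFromDebugger is THREADINFOCLASS 0x11.

```python
"""Added example: classify a sandbox API trace into the anti-analysis
signatures seen in the report.  The trace format below is a constructed
assumption, not any real sandbox's export format."""
import re
from dataclasses import dataclass, field

# THREADINFOCLASS ThreadHideFromDebugger = 0x11.  Once set on a thread,
# the kernel stops delivering that thread's debug events to a debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# VirtualBox exposes its ACPI tables under these keys; their presence
# is a classic VM check.  Paths are assumed fully resolved (HKLM\...).
VBOX_ACPI_RE = re.compile(r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I)

# BIOS strings read to fingerprint sandboxes and hypervisors.
BIOS_KEY_RE = re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System$", re.I)
BIOS_VALUES = {"systembiosversion", "videobiosversion", "systembiosdate"}

REG_OPEN = {"RegOpenKeyExA", "RegOpenKeyExW", "NtOpenKey"}
REG_QUERY = {"RegQueryValueExA", "RegQueryValueExW", "NtQueryValueKey"}


@dataclass
class Event:
    api: str    # API name as logged by the sandbox hook (assumed format)
    args: dict  # resolved arguments (assumed format)


@dataclass
class Verdict:
    signatures: set = field(default_factory=set)
    evidence: list = field(default_factory=list)


def classify(events):
    """Return the signatures triggered by a sequence of Event objects."""
    v = Verdict()
    for e in events:
        path = e.args.get("path", "")
        if e.api in REG_OPEN and VBOX_ACPI_RE.match(path):
            v.signatures.add("vbox_acpi_registry")
            v.evidence.append(f"{e.api}({path})")
        elif e.api in REG_QUERY and BIOS_KEY_RE.match(path) \
                and e.args.get("value", "").lower() in BIOS_VALUES:
            v.signatures.add("bios_registry_read")
            v.evidence.append(f"{e.api}({path}\\{e.args['value']})")
        elif e.api == "NtSetInformationThread" \
                and e.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER:
            # Only class 0x11 is anti-debug; other classes (priority,
            # affinity, ...) are routine and must not fire.
            v.signatures.add("hide_from_debugger")
            v.evidence.append(
                f"{e.api}(ThreadInformationClass=0x{THREAD_HIDE_FROM_DEBUGGER:x})")
    return v


# Constructed trace: three evasive calls interleaved with benign noise.
SAMPLE_TRACE = [
    Event("RegOpenKeyExW", {"path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"}),
    Event("RegOpenKeyExW", {"path": r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"}),
    Event("RegQueryValueExW", {"path": r"HKLM\HARDWARE\DESCRIPTION\System",
                               "value": "SystemBiosVersion"}),
    Event("RegQueryValueExW", {"path": r"HKLM\HARDWARE\DESCRIPTION\System",
                               "value": "VideoBiosVersion"}),
    Event("NtSetInformationThread", {"ThreadInformationClass": 2}),  # ThreadPriority: benign
    Event("NtSetInformationThread", {"ThreadInformationClass": 0x11}),
]

if __name__ == "__main__":
    verdict = classify(SAMPLE_TRACE)
    for sig in sorted(verdict.signatures):
        print(sig)
    for ev in verdict.evidence:
        print("  ", ev)
```

The NtSetInformationThread rule checks the information class rather than the mere presence of the call, because setting priority or affinity through the same API is routine. The registry rules alone are weak evidence on their own (inventory and driver tools read the same keys), which is why the report itself qualifies the ACPI check as "likely anti-VM"; the combination with RedLine payload detection is what carries the 10/10 score.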