General
-
Target
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0
-
Size
2.9MB
-
Sample
220725-f6dv8sggbn
-
MD5
63668401a2060becb1b30dd29a3e5902
-
SHA1
dbc2b76ffefad19270bcf27211332445f06c051f
-
SHA256
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0
-
SHA512
172ea86dd06e1ab54097ca495adead976504fc02a477de8ffa3b7a7fd4a8311210405db0cec3724ac71c9f1e59bb2a89f53669a96f3ad059f75af11c49bb715c
Behavioral task
behavioral1
Sample
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0
-
Size
2.9MB
-
MD5
63668401a2060becb1b30dd29a3e5902
-
SHA1
dbc2b76ffefad19270bcf27211332445f06c051f
-
SHA256
562497367bdb4891a14d99b34a41bfa6ae56aa0c4f1514691f5c089c852953d0
-
SHA512
172ea86dd06e1ab54097ca495adead976504fc02a477de8ffa3b7a7fd4a8311210405db0cec3724ac71c9f1e59bb2a89f53669a96f3ad059f75af11c49bb715c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-