General
- Target: 5abf9ae3e99d972d17aaacd7a94d46ce
- Size: 5.1MB
- Sample: 240114-j65whaehdm
- MD5: 5abf9ae3e99d972d17aaacd7a94d46ce
- SHA1: 2d0d67b5815d2e7e81600d67c3b00536f3d9e3e9
- SHA256: 30d8b08625d38bfb5eaaf59a69135b2816e8efd9b6492bc901bd43696156705d
- SHA512: 39b53c5df98a367a1bb7d51e9447d99b9d85c4e7154dc0ae9078a925b88af09c1050f0e6bea4ac59768ee397d2fb1c6d0b758bcdaf5a83f81518d928b48594b6
- SSDEEP: 98304:W6x0SCoPyYXLz/EylRTvg1EUj3jrz2+2I17Jdt1jL8boTtG8:nPEcz/EeRTvg1EUjTr6zE9dt98kTL
Behavioral task
behavioral1
- Sample: 5abf9ae3e99d972d17aaacd7a94d46ce.exe
- Resource: win7-20231129-en
Malware Config
Targets
- Target: 5abf9ae3e99d972d17aaacd7a94d46ce
- Size: 5.1MB
- MD5: 5abf9ae3e99d972d17aaacd7a94d46ce
- SHA1: 2d0d67b5815d2e7e81600d67c3b00536f3d9e3e9
- SHA256: 30d8b08625d38bfb5eaaf59a69135b2816e8efd9b6492bc901bd43696156705d
- SHA512: 39b53c5df98a367a1bb7d51e9447d99b9d85c4e7154dc0ae9078a925b88af09c1050f0e6bea4ac59768ee397d2fb1c6d0b758bcdaf5a83f81518d928b48594b6
- SSDEEP: 98304:W6x0SCoPyYXLz/EylRTvg1EUj3jrz2+2I17Jdt1jL8boTtG8:nPEcz/EeRTvg1EUjTr6zE9dt98kTL
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger