General
- Target: 5b607f814566590806500daf7c6e42f8
- Size: 2.4MB
- Sample: 240114-qw57vabafp
- MD5: 5b607f814566590806500daf7c6e42f8
- SHA1: dc0d8c1b11071a2af1f126908d19485b46a1bd24
- SHA256: 8d15fb33beefc75810f855ff44e0bf14ea6ada6cdab9371edfc479adcfed9a9d
- SHA512: a129846f19f31ad3048c6f54b67486b5fe63ffce72ca4aca16185bef2aa174989a8aa3c724f55a8892ec93dd010e92fbdee57d95a1b6997b017574f6a2645591
- SSDEEP: 49152:YYGHCEyloc5dxe23pGpUJf+UohAs55PWdDxkKdPy7OzvV8E:YYCBooc3g25GpUJf+fSs55WRxJxjvf
Behavioral task: behavioral1
- Sample: 5b607f814566590806500daf7c6e42f8.exe
- Resource: win7-20231129-en
Malware Config
Targets
- Target: 5b607f814566590806500daf7c6e42f8
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger