General
-
Target
3b63463cff43564e61211b34942a4e1caff9fead3def8e27cc657335fc55abc8
-
Size
5.6MB
-
Sample
241110-y8a68svcqe
-
MD5
a1ceb6cb6b1c7e2df66d00767adc46d6
-
SHA1
b106138253d9d5baf55a06b546315ebe834ac13f
-
SHA256
3b63463cff43564e61211b34942a4e1caff9fead3def8e27cc657335fc55abc8
-
SHA512
46256f2070d5ce24e90ee1bb362b783912a8f28e2e17c638eb3245ad81cdb7f907b7c34e3527566d5f0debec2d76b3a771c10bec36823c382bde2c7170bde9c5
-
SSDEEP
98304:AExixOAvshpURQo/1RoW8pedo00eFAAUgRkj9UWwIOgAR0VmgzgyhSov5WamWzBu:AEmOphSeoz8p8cgRkj9UWsfszgKd5Waa
Behavioral task
behavioral1
Sample
Hypnoz Generator.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
Hypnoz Generator.exe
-
Size
5.7MB
-
MD5
61bf8c7f6d368f10fe841fed2d51bb46
-
SHA1
6cc3b59948586329194743e2f984414bdef49477
-
SHA256
f6abc86539aafb08e53c52674b929683ce5b21581c226d77795042e7e0bb1655
-
SHA512
d5fec7094c3915abbbd90039c9a68ebac4b47498ffc65a24ed64267114d14de37a104ca4766599d337a494c53094a07088ee45df48543d28861d66c8f5c30c9b
-
SSDEEP
98304:wx4HucwlTpqQfWLs7aGaOjmD/wBCeN1XEPDUnH10ViukqIkPCl23IL:wx4XoIvw7ha5oBCYOPDUH6Euo23IL
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Redline family
-
SectopRAT payload
-
Sectoprat family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-