General
-
Target
Octopus_Warriors.zip
-
Size
49.6MB
-
Sample
230331-yey17sch53
-
MD5
8882f325f2b2b97cbdd396d4c0306b25
-
SHA1
aa711aadd517aff9fa26ce5e1e54a8e7efc14061
-
SHA256
f26e069310cc4721d513beb2d16b05588f855724d90747f85c59140f1abe42e1
-
SHA512
43bbf77abef14c781b94a6ba4d494ef2a95a3c8023d4631a1022d8b27ff3b42d5ea379e044f8df537bd57d0f71e468618027e745e58110d96039631b71e82470
-
SSDEEP
786432:7pi1YT2FdEseEwnH18OEE6PX/iA78pCFNot0aMMI+5WhD7A1jotIsGJKTz:81mEgHTcfipCFNot0aTMs1jUI1Y/
Malware Config
Targets
-
-
Target
Octopus_Warrriors/Setup_Game.exe
-
Size
49.7MB
-
MD5
a68cbaba98b9271abd6366b01adadc2a
-
SHA1
694fd5af5c63e447fd9577046990807995f4a5e6
-
SHA256
949fe2babe4a7813810649001722103af1de3a799744314536f698fbc68e4dae
-
SHA512
309a271a9f606fa16df5380742eec30b5863ddf1d2cc35f1c1c4cd7899eadd01d1c51ced237973230a0f639535a9287787ef27d7316a4e7d4e8f0f5ca8c99272
-
SSDEEP
786432:8LOD6chJaImWuL9V04U0GJ5Vi8Nml+7NeHwSYSoOtwZvXSlN4PEUG9O747:XDIWU9dwLEl+7NeHwS7EClNMEpI87
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-