General
-
Target
doenerium_D09EaRNO.exe.bin
-
Size
66.9MB
-
Sample
230430-11mleadg43
-
MD5
e1a29bc9901b92c634c856f143dec84c
-
SHA1
e75c8304d799a62d12f15f0960cbf256dc421545
-
SHA256
c9f2a012b2e2c200bbd8cd031d5f77cc7cd66a6d34d39fa1fb98a99463395767
-
SHA512
d564c7c116f6894f16c47b16eda46175939ad5f8cc30c9f82a74f906fe17b9d5feab44313d80b286c0cd3730be4be7186133c9a0b1a8a697e728fd248e0a6930
-
SSDEEP
1572864:OjddGv7Ta870FJBWxsc/LOFeFMlJTqmyr3NckVPdfPXllTktq/:yGv7Gw6HWxsSO4ilJ2lrdckVlfPLKg
Static task
static1
Behavioral task
behavioral1
Sample
doenerium_D09EaRNO.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
doenerium_D09EaRNO.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
doenerium_D09EaRNO.exe.bin
-
Score
10/10
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-