General

  • Target

    doenerium_D09EaRNO.exe.bin

  • Size

    66.9MB

  • Sample

    230430-11mleadg43

  • MD5

    e1a29bc9901b92c634c856f143dec84c

  • SHA1

    e75c8304d799a62d12f15f0960cbf256dc421545

  • SHA256

    c9f2a012b2e2c200bbd8cd031d5f77cc7cd66a6d34d39fa1fb98a99463395767

  • SHA512

    d564c7c116f6894f16c47b16eda46175939ad5f8cc30c9f82a74f906fe17b9d5feab44313d80b286c0cd3730be4be7186133c9a0b1a8a697e728fd248e0a6930

  • SSDEEP

    1572864:OjddGv7Ta870FJBWxsc/LOFeFMlJTqmyr3NckVPdfPXllTktq/:yGv7Gw6HWxsSO4ilJ2lrdckVlfPLKg

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks