Overview

overview

10

Static

static

3

fe8d6e0f12...99.exe

windows7-x64

10

fe8d6e0f12...99.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    fe8d6e0f12b4dd07d3df7ab46a23903abe69898428e4db5eeee9c90a1bed6899.bin

  • Size

    611KB

  • Sample

    230501-yblxgahf8s

  • MD5

    4166537a0517d13503812bc6fa2816bf

  • SHA1

    aee6c1c782bd1523675e3f8f4f989b76103cfe94

  • SHA256

    fe8d6e0f12b4dd07d3df7ab46a23903abe69898428e4db5eeee9c90a1bed6899

  • SHA512

    ecd89db76932a55bdd82fd58b28b7648aa006f6c9247a9f6c61e3f32e6da1e6cf4c201f07bd883bb94d48596429bab68f51ef9ebeb89af7d5420da7926c5d94e

  • SSDEEP

    12288:Jy90+h97sC8YPHf+wRzpa3H7JXfSWNh0+c+Zqej0J+sYADw:Jy9EYvfTpa3VXfBEBYgw

Score
10/10
redlineevasioninfostealerpersistencestealertrojan

Malware Config

Targets

    • Target

      fe8d6e0f12b4dd07d3df7ab46a23903abe69898428e4db5eeee9c90a1bed6899.bin

    • Size

      611KB

    • MD5

      4166537a0517d13503812bc6fa2816bf

    • SHA1

      aee6c1c782bd1523675e3f8f4f989b76103cfe94

    • SHA256

      fe8d6e0f12b4dd07d3df7ab46a23903abe69898428e4db5eeee9c90a1bed6899

    • SHA512

      ecd89db76932a55bdd82fd58b28b7648aa006f6c9247a9f6c61e3f32e6da1e6cf4c201f07bd883bb94d48596429bab68f51ef9ebeb89af7d5420da7926c5d94e

    • SSDEEP

      12288:Jy90+h97sC8YPHf+wRzpa3H7JXfSWNh0+c+Zqej0J+sYADw:Jy9EYvfTpa3VXfBEBYgw

    Score
    10/10
    evasionpersistencetrojanredlineinfostealerstealer

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

      stealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks