Extracted

• • Target

    bea9d815054a72d101f5f456ef2d46abfb0d115ee64c2bb19b9a41086813a36f.bin

  • Size

    1.5MB

  • MD5

    705dc42258c1a1c3a649eeaccd48e7bb

  • SHA1

    7d6212f6f4bc4d4995474135bc15c20b60a3230c

  • SHA256

    bea9d815054a72d101f5f456ef2d46abfb0d115ee64c2bb19b9a41086813a36f

  • SHA512

    27f7b007b15b747a603c0e03c3dc322a1d4a80a9478ef3154e4db4c30df1dcbb3565fb880b609c40d490e87afa7babec27537c423ee6e02c00ec82d35ec1ada1

  • SSDEEP

    24576:py5YzwhjAlZBNR6YMHpem5m8EQjy1kd8WwzHgeLM7k9+tP6P1uBVgGTtnYhDMISI:cmcInNR6Jpem5oQjy1kmWwzAZ2+tyP1f

  Score

  10^/10

  redlinemostinfostealerpersistencestealer

  • Detects Redline Stealer samples

    This rule detects the presence of Redline Stealer samples based on their unique strings.

    stealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2