General
-
Target
dad139bc4038c33a981caa73df8647f41b13b2e58606cffc239adf2fb0adc32e.bin
-
Size
611KB
-
Sample
230505-ynzdbsba88
-
MD5
bf21b05ee3ffd000985dce9268d2b5a6
-
SHA1
11b76443e915d530356b1742c28a2588b0c31d69
-
SHA256
dad139bc4038c33a981caa73df8647f41b13b2e58606cffc239adf2fb0adc32e
-
SHA512
ad29ec2a5b171dc865a7588b9e801641cbc3c20a3f942d333dd3bf1ca06e4f4a6b579cf6de6e875ff42d22114770110da66fb0473f3889cb6028aaad462ba45b
-
SSDEEP
12288:0y90t1jhAoX8bg8FJMiLplVF9CrGfj92iBtHXfd+O4G0/f5tkr3GNQgpAxHB7:0y0tAs83W6F9UxWHX1+OUf43GNQgpAxh
Static task
static1
Behavioral task
behavioral1
Sample
dad139bc4038c33a981caa73df8647f41b13b2e58606cffc239adf2fb0adc32e.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
dad139bc4038c33a981caa73df8647f41b13b2e58606cffc239adf2fb0adc32e.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-