General
-
Target
e44f4b53e194382f3f3efced7fef141510af56e7b0fdb40ca79dc707443accbe.bin
-
Size
642KB
-
Sample
230505-yx8ncsbh43
-
MD5
a80bd74724e4515c8dca245a24260ad1
-
SHA1
1418e2f662b8ee822619dfd1bbf248e6c9c415bf
-
SHA256
e44f4b53e194382f3f3efced7fef141510af56e7b0fdb40ca79dc707443accbe
-
SHA512
7b9bff0fe15775fa51f1d6712cac7e24809be447f937cda3176d218af046d35e54090e39aa7e30e39089c883a279ccf293194c7a1bf32cf250a7aec05615bec8
-
SSDEEP
12288:zy90Kf90O9sgkKYXFcbkF94ImsTf7XvloxWW6jq1qbPK3A+dzz07:zyFL9sgnYXF1P1JDzvqP6jq1qbPorXO
Static task
static1
Behavioral task
behavioral1
Sample
e44f4b53e194382f3f3efced7fef141510af56e7b0fdb40ca79dc707443accbe.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
e44f4b53e194382f3f3efced7fef141510af56e7b0fdb40ca79dc707443accbe.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-