General
-
Target
409bec3a7ade14b4afde539d6bbbe36d9c3aaff2796da953cc96ff37f7e8f57c.bin
-
Size
690KB
-
Sample
230506-1dxsvsgd55
-
MD5
bedec3f68e81c94687011bd42826fa30
-
SHA1
d9330ea0651fe8dc507bf875731226e23e20aecd
-
SHA256
409bec3a7ade14b4afde539d6bbbe36d9c3aaff2796da953cc96ff37f7e8f57c
-
SHA512
40c632f546d9d6170cbecbbed902edd499a4629802a6f8bece11c0cdad2abf82882ea57c1a11e9553fbde7d791ab3ae98fb613c410ebaf9cc04425dd28968c63
-
SSDEEP
12288:Py90w95D1XSpkeYUA4LHfMI7Bwh74ZQIJoM00yK12VB9Kl2CiEMjiJEV:Pyx5pckeYUA4LfnKhLPMTyS2+diZ+K
Static task
static1
Behavioral task
behavioral1
Sample
409bec3a7ade14b4afde539d6bbbe36d9c3aaff2796da953cc96ff37f7e8f57c.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
409bec3a7ade14b4afde539d6bbbe36d9c3aaff2796da953cc96ff37f7e8f57c.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-