General
-
Target
58040f3feee721fff6e6fc62e986a6462f9ad8485a5d29d463e9869a7c232319
-
Size
480KB
-
Sample
230506-1xscgscc7x
-
MD5
fd7bbd313416dfe87fddad9c104bf4bc
-
SHA1
cb81658f3475838486ae2dfb32e08a4ca32f7bec
-
SHA256
58040f3feee721fff6e6fc62e986a6462f9ad8485a5d29d463e9869a7c232319
-
SHA512
ac1f7001f766a6e65701c74e2ea70d22a959a93f829962ede5bf474259b72150934b6137b145cdccd40a5d543ff4adc32f697b3d10bfde983d144edac3143078
-
SSDEEP
6144:KVy+bnr+Ip0yN90QEFHs4lKeE9eps3N4x5tOMIxRIFTUtP+0l6+0yDflnib/JBkq:bMrUy90k4lKBTi5kMbTUFl6Afln6/E+
Static task
static1
Behavioral task
behavioral1
Sample
58040f3feee721fff6e6fc62e986a6462f9ad8485a5d29d463e9869a7c232319.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
58040f3feee721fff6e6fc62e986a6462f9ad8485a5d29d463e9869a7c232319.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-