Overview

overview

10

Static

static

3

6d13e1ed4e...c2.exe

windows7-x64

10

6d13e1ed4e...c2.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    6d13e1ed4ed274dc224a82b18fd191b07613e34d4bed109aaef2b59cb7f71cc2.bin

  • Size

    618KB

  • Sample

    230506-2b9kbacd43

  • MD5

    39e09b2f03d56fdf041cd5e819f5fb56

  • SHA1

    24235094b9b10b461d456d3df18bc2b967d07763

  • SHA256

    6d13e1ed4ed274dc224a82b18fd191b07613e34d4bed109aaef2b59cb7f71cc2

  • SHA512

    923764497cc7da19df79f8b9693e80e45cb895bb6820027208f638db7b7f83626c35a07286c56df0f65972e9473b1993e98e3028724f9f9248d3b69dd8ff7156

  • SSDEEP

    12288:4y90Fivgn97/vTHybnHYEW9GLexjyHUNfsVCwFV6Dv:4yyi49brybjWqw9NfsVCwFgDv

Score
10/10
redlineevasioninfostealerpersistencestealertrojan

Malware Config

Targets

    • Target

      6d13e1ed4ed274dc224a82b18fd191b07613e34d4bed109aaef2b59cb7f71cc2.bin

    • Size

      618KB

    • MD5

      39e09b2f03d56fdf041cd5e819f5fb56

    • SHA1

      24235094b9b10b461d456d3df18bc2b967d07763

    • SHA256

      6d13e1ed4ed274dc224a82b18fd191b07613e34d4bed109aaef2b59cb7f71cc2

    • SHA512

      923764497cc7da19df79f8b9693e80e45cb895bb6820027208f638db7b7f83626c35a07286c56df0f65972e9473b1993e98e3028724f9f9248d3b69dd8ff7156

    • SSDEEP

      12288:4y90Fivgn97/vTHybnHYEW9GLexjyHUNfsVCwFV6Dv:4yyi49brybjWqw9NfsVCwFgDv

    Score
    10/10
    evasionpersistencetrojanredlineinfostealerstealer

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

      stealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks