General
-
Target
076933586a53551c37016b280266ffca0a52310e4d0f680830025c428efab8fe
-
Size
1.2MB
-
Sample
230506-2pqpcsff6s
-
MD5
6d8d8ab7b0b7b554b7df08a00f3e2f71
-
SHA1
60b797ce1a0d84b6053a8d0aa6469e4bb507e933
-
SHA256
076933586a53551c37016b280266ffca0a52310e4d0f680830025c428efab8fe
-
SHA512
d8c26102e243da05ada50a08ffee548a11a374958454bf20c51c9a5e2731a56be0430b3d762c222a3c280750284fcce47cbfe80cf2babb2204cfcd088d37dc40
-
SSDEEP
24576:GCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:GCz9uyy4Hrw2lt2CxxCwbdw57fQSG
Static task
static1
Behavioral task
behavioral1
Sample
076933586a53551c37016b280266ffca0a52310e4d0f680830025c428efab8fe.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
076933586a53551c37016b280266ffca0a52310e4d0f680830025c428efab8fe.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-