General
-
Target
1cc8de61685ced27317a99c7f04145f5a732bffa2a1bb062d5518d0165d5f9ba
-
Size
1.2MB
-
Sample
230506-3tc5habf7v
-
MD5
a97748f56e8ebc584cb4e09f55419ec2
-
SHA1
af7da012d6acb8a207487c4581a1b80eeaeb7a62
-
SHA256
1cc8de61685ced27317a99c7f04145f5a732bffa2a1bb062d5518d0165d5f9ba
-
SHA512
1d9759acb064ae17b4edcba626b7b26b1365e51eef19a422c9f660962ab2ad7cc41999e5832bdd2c988f9c68c8c3b6de3e1087acfe1492bd0afadae65ebbf153
-
SSDEEP
24576:W0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:W0zNUYjkCcPoJgK3ss+y4bN
Static task
static1
Behavioral task
behavioral1
Sample
1cc8de61685ced27317a99c7f04145f5a732bffa2a1bb062d5518d0165d5f9ba.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1cc8de61685ced27317a99c7f04145f5a732bffa2a1bb062d5518d0165d5f9ba.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-