General
Target: 057290692f19d9d7b3438b0a64df07f8fd00898014cb718f59832c5f034638c3.bin
Size: 651KB
Sample: 230506-y2al5aba39
MD5: 610a8f214fb76216b3990fd4fbb845fe
SHA1: 8ccd2ca761997fb625181a0e9f4bf2565544972d
SHA256: 057290692f19d9d7b3438b0a64df07f8fd00898014cb718f59832c5f034638c3
SHA512: 24e4c4c8ceb86c685f53294009ab2180314bed40ee41266a2fe957b61997635f1c205220ec191a97efdee2a5e0e0107e4e4a2146d07a308d4ea698e9f2941bf1
SSDEEP: 12288:ey90kEcu9yZZtJc4qoXR7iDPoGKnKNkpMy39EEZdL1fcy:eywcugZZtJPqoB2DPtNC3CEZ5my
Static task: static1
Behavioral task: behavioral1
Sample: 057290692f19d9d7b3438b0a64df07f8fd00898014cb718f59832c5f034638c3.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 057290692f19d9d7b3438b0a64df07f8fd00898014cb718f59832c5f034638c3.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target
057290692f19d9d7b3438b0a64df07f8fd00898014cb718f59832c5f034638c3.bin
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application