General
Target: 2f7609200dd61f7ab3a824bc8bc518fb11107af73f0bb398ce9f91e764aaaff8
Size: 479KB
Sample: 230506-z11mlaeh58
MD5: 467295b0b911373518000b69442178b7
SHA1: 740ba729f94155bc6e7bcda6327f722bdc863576
SHA256: 2f7609200dd61f7ab3a824bc8bc518fb11107af73f0bb398ce9f91e764aaaff8
SHA512: 802bac593b6b2479a397a2fc2438e1ae7307336e1e7efe10af5e4a2f549b0759b63e5a673e430a6940794929cfa11858627edfccafd141ebb400ec6b664f8b4d
SSDEEP: 12288:GMrdy90z3BnFPACr2u6t9SdD8QApetUBKyl:ryi3VF52uxdD16/Kyl
Static task: static1
Behavioral task: behavioral1
Sample: 2f7609200dd61f7ab3a824bc8bc518fb11107af73f0bb398ce9f91e764aaaff8.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 2f7609200dd61f7ab3a824bc8bc518fb11107af73f0bb398ce9f91e764aaaff8.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target
2f7609200dd61f7ab3a824bc8bc518fb11107af73f0bb398ce9f91e764aaaff8
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-