Extracted

• • Target

    21a16c7ca86a15a2378b16ae4e7b00f5bfb4e58816461449ae81ad5bb7ee50db

  • Size

    479KB

  • MD5

    e4b92ed594dfcbcdda9dc2eb681fae85

  • SHA1

    ae9f35af52e7ebdd258c770fa68f0aa4407f0f88

  • SHA256

    21a16c7ca86a15a2378b16ae4e7b00f5bfb4e58816461449ae81ad5bb7ee50db

  • SHA512

    62b7253d6524b756afcaa1fe4f2363834a6d8385a163d53889a3766b43131d90ea0ac658939743066f7e6bac6f725a0e425d5e09b4f38f00388a4d61323daced

  • SSDEEP

    12288:wMryy90Gd9cV/Of4y8MgajGD/FzlDJhgUuQzP:SyQeLvEdlD7uQzP

  Score

  10^/10

  redlinedarisinfostealerpersistencestealer

  • Detects Redline Stealer samples

    This rule detects the presence of Redline Stealer samples based on their unique strings.

    stealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2