General
-
Target
d4d30ad6dc962cda1c205979cb0982cbe23546466a55e3946d897a970c958639
-
Size
1.2MB
-
Sample
230507-h27zmaef4t
-
MD5
162511c72a5977f8c8c19c45feeae04e
-
SHA1
edd31e05d0d96b20f5e36c60d03dd4a49292092e
-
SHA256
d4d30ad6dc962cda1c205979cb0982cbe23546466a55e3946d897a970c958639
-
SHA512
1693b3a33305b155422fac5d62d7b93ac10140131012294e44641ebac90790ad1d2317977ebe09a74145ce63eba60039592736f724bf0290158ffbee9ad457c4
-
SSDEEP
24576:3yI/AHe4g4EmLz+KQKGDpgHv0km1VTzdIZGRv4MlOPgVUULbDeY:CUA+QbnbGeP0km1vIEpoUU8bDe
Static task
static1
Behavioral task
behavioral1
Sample
d4d30ad6dc962cda1c205979cb0982cbe23546466a55e3946d897a970c958639.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
d4d30ad6dc962cda1c205979cb0982cbe23546466a55e3946d897a970c958639.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
lisa
185.161.248.73:4164
-
auth_value
c2dc311db9820012377b054447d37949
Targets
-
-
Target
d4d30ad6dc962cda1c205979cb0982cbe23546466a55e3946d897a970c958639
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-