General
Target: cbb377550aa4560e976bc8efd8f39309ee69594bf3823efa2d21d821fee3efe8
Size: 1.5MB
Sample: 230507-hnxazach5w
MD5: ad39b7a2270e3b6fbf5a6dd50f48a487
SHA1: c1491b19e448b7afcada102b6e447989b3ea32ca
SHA256: cbb377550aa4560e976bc8efd8f39309ee69594bf3823efa2d21d821fee3efe8
SHA512: acb9dc0bd603c8fe3062fb2eacaad0321625c56c1fc23482e8f174daf7654591c2ce21fae04a4db82c317c376602ffc372c9e85615380c7af1dd0c6faf7661eb
SSDEEP: 49152:IyHUdnAePtIm60ohZseZBMRH5G6V7OQniE:xHUdn3Gm60ZmBMpg6VC8iE
Static task: static1
Behavioral task: behavioral1
Sample: cbb377550aa4560e976bc8efd8f39309ee69594bf3823efa2d21d821fee3efe8.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: cbb377550aa4560e976bc8efd8f39309ee69594bf3823efa2d21d821fee3efe8.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: cbb377550aa4560e976bc8efd8f39309ee69594bf3823efa2d21d821fee3efe8
Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application