Kurome.Builder.pdb
General
-
Target
Redline_20_2.zip
-
Size
24.7MB
-
MD5
97a51d9c58994f6d77181fe62b807556
-
SHA1
11d64d7fe28064dc06f32b37cd6d89b4c5eb214b
-
SHA256
77b9f0c79ae8a64eb8d2f6ad82089b44ceda4144a96840d47371548ead61a763
-
SHA512
2a0c182a4740db61fce9df95332e72f8a044deba18587a7f206ec7bbcd17f4d0392202c5ad052ec35de569ab4207e5122c07889059de82a33d728e9227b7ce96
-
SSDEEP
393216:g6vsKw921Cqkcc0kqRY78G0CYXRpDmbdTTia/7USGo+3rjmKr4YYH+EUWpgXH:g6MLqkcbkVoGJMflhZ3rjB4cW63
Score
10/10
Malware Config
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 2 IoCs
-
Sectoprat family
-
Obfuscated with Agile.Net obfuscator 2 IoCs
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Unsigned PE 10 IoCs
Checks for missing Authenticode signature.
Files
-
Redline_20_2.zip
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Kurome.Builder.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Kurome.Builder.exe.config
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Kurome.Builder.pdb
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Mdb.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Mdb.pdb
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Pdb.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Pdb.pdb
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Rocks.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.Rocks.pdb
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/Mono.Cecil.pdb
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Builder/stub.dll
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Host/Kurome.Host.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Host/Kurome.Host.exe.config
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Host/Kurome.WCF.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Host/Kurome.WCF.dll.config
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Loader/Kurome.Loader.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Kurome.Loader/Kurome.Loader.exe.config
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/FAQ (English).docx
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/FAQ(RUS).docx
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/FAQ.txt
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/Panel/Panel.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/Panel/Panel.exe.config
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/Panel/chromeBrowsers.txt
-
Redline_20_2/Redline_20_2_stealer-main/Panel/RedLine_20_2/Panel/geckoBrowsers.txt
-
Redline_20_2/Redline_20_2_stealer-main/README.md
-
Redline_20_2/Redline_20_2_stealer-main/ReadMe.txt