redline | Redline-Stealer-3-main[.]zip

Resubmissions

04/07/2024, 09:29

240704-lf5txsthkj 10

04/07/2024, 09:21

240704-lbje5atfnq 10

Sharing

Copy URL Twitter E-mail

General

Target

Redline-Stealer-3-main.zip
Size

541KB
MD5

d8b44c0f457ed15981f2110725480b29
SHA1

1631431c5c0ed902f759aeb0ff9c56c01612a362
SHA256

40852e1681c417a3b92f343f86a08cdb57955b71ddf8368cc0bb62f0de729dd2
SHA512

55c2177aa7bfe4ca4b4063575e0462aac21e901259e0fb0bf9de4229c0ce0170b8445b3d13c322ac356ff463f7a1c019e06ca29b88e8d27f3e264f48f23b5c99
SSDEEP

12288:e5dzmQuL2jlV8ANQ5hD+aAFKd93ekh45LIqb:WmRwg5lwkRdqb

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
static1/unpack001/Redline-Stealer-3-main/builder/RedlineBuilder.exe	family_redline

Redline family
redline

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Redline-Stealer-3-main/builder/RedlineBuilder.exe
unpack001/Redline-Stealer-3-main/builder/dnlib.dll

Files

Redline-Stealer-3-main.zip
.zip
Redline-Stealer-3-main/README.md
Redline-Stealer-3-main/builder/RedlineBuilder.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ShadowYorik\source\repos\RedlineBuilder\RedlineBuilder\obj\Release\RedlineBuilder.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Redline-Stealer-3-main/builder/builder.bat
.bat .vbs
Redline-Stealer-3-main/builder/dnlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/src/obj/Release/net45/dnlib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 306KB - Virtual size: 305KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 306KB - Virtual size: 305KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B