Extracted

• • Target

    0bfbdd1fe9f831f43d65b03253044ce1.exe

  • Size

    2.4MB

  • MD5

    0bfbdd1fe9f831f43d65b03253044ce1

  • SHA1

    5068b7beb3412f81c2ffa97aa67a804d63a47575

  • SHA256

    46925967d26cb4373de322bde604948b21a6100822d52b003c82eb88f42668e6

  • SHA512

    6b9e24762dc96cea414bf70c481d0043c8c11642734a28d95a391baf0007ba23fbcc1942be8d3bc1e41f6845d6606d62a33670d59fc11e46e738f763058ae935

  • SSDEEP

    24576:qDNLYLYBuocHhMoxfQ6rISrWCKJUocSGcVGpGhhQLLsa970eisl3RuQ553137:qDI8CK+cGOGpGhhQ2sl3h

  Score

  10^/10

  redlineinfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2