Extracted

• • Target

    f7f8331fdca8b5295b827ff019422c7e7cb230b2a44ff55c741cbf76bc3b5921

  • Size

    217KB

  • MD5

    da1cd3fb04aa0aacd8a5fa45dff42f2f

  • SHA1

    c9e0ebc98a3a4dad4f868b4ab19935ddc00f3397

  • SHA256

    f7f8331fdca8b5295b827ff019422c7e7cb230b2a44ff55c741cbf76bc3b5921

  • SHA512

    c2d63405bc5dbda5fca1060888b279f9b53c5a313bb186513547cbe2433229c0e8172c5f045edb952882fff5089378de457b1ea42cef1ec293c2aa4eaad0db7b

  • SSDEEP

    3072:Iob4vq60E/oW+24ETyre2xRc0jqr76OlnA9DMpYU4KZe8JbJ3Yl6PR+cpY8jwGS:IoUvr0E/oywe2xrjq6O4MJ4bM5Y4+cE

  Score

  10^/10

  redline@madboyzainfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1