Extracted

• • Target

    7e68c21bc527a10d579636497f6acdcabc02d647adb44d130138280b0b2b3a46

  • Size

    277KB

  • MD5

    f4f6384db371bd510205622328b608d2

  • SHA1

    120fb865d34b4d3681457d34ca16bf1991e976d8

  • SHA256

    7e68c21bc527a10d579636497f6acdcabc02d647adb44d130138280b0b2b3a46

  • SHA512

    029acd8e5d3ab32a295ce253f48575b3e5d11ce957962c47b37ee2ae34e2027af7463cc253f270327201b85d3a72bbdf397c885fad81260c4545d70217683c4a

  • SSDEEP

    6144:NiSAGT+Z6EDT6ezC3pR6EIdOm2WaWeRuWO5WOmujl7KCE1eCVUBXV8qUX:NiSAGT+ZY3eEIdOm2WaWeRuWO5WOmulm

  Score

  10^/10

  redlinepub1infostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2