Extracted

• • Target

    9E6DB5773EE3E9C59003C414FD7254D93C41714192F4B.exe

  • Size

    385KB

  • MD5

    9b112b4750bc9cf076d96b8cab5a8c83

  • SHA1

    7e7df839844e0aedb388f91251abd7bcb5e4bf1f

  • SHA256

    9e6db5773ee3e9c59003c414fd7254d93c41714192f4bbb6fe8bb5f61a841000

  • SHA512

    87ad300d495d66b644a659d276f724f5fddea482a3e3f1e7daa3632fdbb574ed7b6edf314caa168c919b39a9a1c099d4ecd2d87db0fb73e6d7c7d9b3dc1030e6

  • SSDEEP

    6144:MR/zeecFp1SL4u/+nhZCY4gYusPHAOq7TUm7SS9cMqhdTZuJl:+/zeecFp12LQ7TUESS9cMqhddIl

  Score

  10^/10

  redline@azraelarcainfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2