Extracted

• • Target

    0007472c64432eded91d353ac7cfc215964619308acdb6644092b127a29fe26f.bin

  • Size

    526KB

  • MD5

    83dd5cb850e58979d119368cf8631d28

  • SHA1

    1b6ed0f1e80d53fbab66c4fc344f46b0ff49dab2

  • SHA256

    0007472c64432eded91d353ac7cfc215964619308acdb6644092b127a29fe26f

  • SHA512

    2cde12c2870d05c47b5bbf4a699822f6bd081fc2a7837b5dee7eef3f401c676653acd3cc1f721d8f856ff825d418776c03ed3dfc98bad656c00432b920c78a54

  • SSDEEP

    12288:iMrhy90hHHKhd3XL4azRjRuhO16yPYFvfH4Rl:Tymo7zxRhVEnHyl

  Score

  10^/10

  redlinefudevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1behavioral2