Extracted

• • Target

    3df0115bd9ccb06f290473eaea9f490086bf98156727fa912acb04a1accb09db

  • Size

    1.2MB

  • MD5

    d44c35515ad09f67f35ca83a9d48675c

  • SHA1

    cb6b0ff4812f27327fd88da308ed029293f5dc48

  • SHA256

    3df0115bd9ccb06f290473eaea9f490086bf98156727fa912acb04a1accb09db

  • SHA512

    27572c1e0dff8c339123c851dd1f2fc43808e0bbd9e21c8f6734cd8e27f8dd5bee2ac79fb8181194a9e2d15adbde60bb3377c46999abaab7b4e99229dbcdd429

  • SSDEEP

    24576:vyXCLWU0n6TVQBOvUegcKcsF9Lz07qY5VHPcV:6XCaU0+QlHUsvLz07qYPvc

  Score

  10^/10

  redlinelofaevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1