Extracted

• • Target

    1a74e8940119f040dd48066c838341f155693900c1348be152162a507e8398b0

  • Size

    1.1MB

  • MD5

    6789f39fd72ee89857f39f08eb40f806

  • SHA1

    e705a1f4257f2e557b6c065e68a99e605cc2b83d

  • SHA256

    1a74e8940119f040dd48066c838341f155693900c1348be152162a507e8398b0

  • SHA512

    749e4860d875eb19a714fb70cfff1f5ff1b9436da55b6e2aebc4216f35089a78c69ac8de5051f890e1538eea15ec6a3e8ce1d12f1e736dbac86fd6949413fa10

  • SSDEEP

    24576:fyt9Jr3hBGm65kP43uB7ADq+/CBS9PQ/hd2SZ1LDuFfti:qt9Jrxkm6SA3uBNd27N

  Score

  10^/10

  redlinedoponevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1