Extracted

• • Target

    bae351dd7dbdef72c256b17fd91ef2e1b5f578ed128b07fee1480f6618f79852

  • Size

    1021KB

  • MD5

    8c88e40112a76c238d9ba1a931b57aa3

  • SHA1

    167fdfe7eae2084cf3a1feba2ecb8fa6e5783408

  • SHA256

    bae351dd7dbdef72c256b17fd91ef2e1b5f578ed128b07fee1480f6618f79852

  • SHA512

    7f6756bc5a447b6eed9d9adbd3bfe257696df8f6975a436f0c8693302a966a5cca8adb2a30054d6cb8217589f60e2fa8a81a090e3904ec38e428e1e44edfbce1

  • SSDEEP

    24576:RyF3lQqaExqrKiFxSqSR2tTfUS8D0x7A:EOK8sxrD0J

  Score

  10^/10

  redlinelolsevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1