Extracted

• • Target

    5ef8d1fe5769b291211518bc7b41f33642d73f5766cd267f89a550579ee97357

  • Size

    1.0MB

  • MD5

    0d377fbb2337981b2c37c95d1c3b2425

  • SHA1

    02be4e78432008d78f12e6dcac9bcc7f42e75fcd

  • SHA256

    5ef8d1fe5769b291211518bc7b41f33642d73f5766cd267f89a550579ee97357

  • SHA512

    7ebc829c23238c5463b3076cf5200b4951f96ef93470be5374448bb70533b5edd57665d5840716461940d287df62a5dfcb093285b3b93e8dcef0502fc8dbec0a

  • SSDEEP

    24576:Vy3+L24eumAX/2XJmL1IHj6m4v7mOIUq4pBi:w27OAv2AeHj6x73

  Score

  10^/10

  redlinelerenevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1