Extracted

• • Target

    calculator460.exe

  • Size

    1021KB

  • MD5

    f7724b0f35792830011cc6158ba6fcfc

  • SHA1

    bd607ae4db230775f0d0a934fd522649e3e4d392

  • SHA256

    8e820edc25040995a92875410b7745e0fab22899b51a66421ad53e932b7c87f7

  • SHA512

    049a7bb2a1216165221f4a4e3059a64f964bd0aa0d82bf95a6d1c2a413396c5a302773a7026952afc7ed7e7f3c171435b0c0d67f9ad4ae7f70ce5c3d81d1798f

  • SSDEEP

    24576:Xy0mwzJNNtTOq9FNTi1jtKDwDgBovlyPhIoqrMvm6HF:irwz5tOq9F9i1jcMDSP+oqrMvvH

  Score

  10^/10

  redlineluzaevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1behavioral2