Extracted

• • Target

    457db42a4e399f41bcd9dacf2aa527cc170a0ed46b0840ea2d6a0cf12be9bdd8

  • Size

    1.0MB

  • MD5

    57e3240e91b855b16fc01b3a0e675d1c

  • SHA1

    860c69daa332dc6e7c949ff7fadad26eac3c7303

  • SHA256

    457db42a4e399f41bcd9dacf2aa527cc170a0ed46b0840ea2d6a0cf12be9bdd8

  • SHA512

    606f9327fba60b0a2b7665ae9024e8043b766fb740d9afdc0f8dee4e3774ad81439158b5fd464ccda9017115969dcee7f5774ef81f48c6f9539a425c7d5054bc

  • SSDEEP

    24576:ny3lHqJQ+g53DiBq/SCLACqywNv0m02rJM8QX6OJ5:y1H953DiBqRH+vl02r4X6

  Score

  10^/10

  redlinedizaevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1behavioral2