Extracted

• • Target

    file.exe

  • Size

    580KB

  • MD5

    2eb76d4e6e7c584147d0b573573a81e1

  • SHA1

    267520fc7483b4932cb2491fd4acf471b137d227

  • SHA256

    815481e49866ad19d437c62da9f6dd94761cb0644f19d8e2f5248e52b63edd89

  • SHA512

    2a2a6fe5fd63a9deda1963551b47ff0360cc2202d8173e9abf7c8b569e22df1de4a0d8fceae4b423b33e110bd8ab7eabbde5762c3ed7588644a0a9f28271aec5

  • SSDEEP

    12288:zMrxy90htVdtsh2w7KnDuAcdr8G2RKnGAzTuvzT16yBm:ayq3tsh2w2nJciRRaGIyvv17U

  Score

  10^/10

  redlinemaxievasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1behavioral2