Extracted

• • Target

    ceef2a7c3641e2b91a9e0729292ad6b9e26abac3df23c8d775df46afaaf11fef

  • Size

    584KB

  • MD5

    7016a0f8d332d7e1fa2363ce16ff4406

  • SHA1

    4b2005a4585bb7a51aac6b76fa8a0d4d04cddfc6

  • SHA256

    ceef2a7c3641e2b91a9e0729292ad6b9e26abac3df23c8d775df46afaaf11fef

  • SHA512

    4b042595da204c6a011ae1ec9e4dbe5090f122daa2a9fc1a01353923d7b9cd858e4b9348d8ec6dd54528bf72d113d41d3538c77da5efd8e7454f8dc53d0ed713

  • SSDEEP

    12288:9Mroy904kMVTcxaxoUkiUVl22Z9kWBBw2uIAPjwkKy:lyrkMVmaTRQB5uIG

  Score

  10^/10

  redlinedizaevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1