Extracted

• • Target

    8a72afce776f369c5705d5d2cae16b3c189fe9ed679a29667b49a9dfd95d34ff

  • Size

    857KB

  • MD5

    22b03b50bbbaf9776b7bbeffd1ac036e

  • SHA1

    64375b124e1e988040b5309d70c6c4236eef0dd4

  • SHA256

    8a72afce776f369c5705d5d2cae16b3c189fe9ed679a29667b49a9dfd95d34ff

  • SHA512

    70d137ea5fa90d5be60637661445bb86119c9c1071a36978c1b980d29d37ec27c82ab392100b8f28e6ba93b366e236bc18339fc2d8250fb9ed506319b20aa9f9

  • SSDEEP

    24576:sy4/EEgM5qLUjm7pBeSznzS1aWmrM98uWdRc7:bBo5igWpMSLWgJr+qdR

  Score

  10^/10

  redlinelupaevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1