Extracted

• • Target

    cce2393b0b3b66a07252fc4511afb2e67268ff9b6c6de535f4a0b364cc52c398

  • Size

    831KB

  • MD5

    8430346d8043748a492c68e3207c5b87

  • SHA1

    ecc975663723b3d5979e2d2403e3b23a405c0bc7

  • SHA256

    cce2393b0b3b66a07252fc4511afb2e67268ff9b6c6de535f4a0b364cc52c398

  • SHA512

    e2f25c2ff267382f7b93a2b18f949a8741074490e0dea4430a96d5e8b004f42376bef4476a2369d22c6630f4a50800a5cd6e415a738fe736b7d71945d10bfdda

  • SSDEEP

    12288:RMrby900P75tAU0/PdXv5+TF0DMk46N3swqQr7lpCaA/RQCBsrKhCHVI+YySjlP:yyJzKHdxwFC46NHzhAQCBs+Q+7Bl

  Score

  10^/10

  redlinedugininfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1