Extracted

• • Target

    04c7412847994129e5af7483ec3d90cd60951413b857190da79fb82ea979b2da

  • Size

    1.4MB

  • MD5

    387d1293c9803a0f01d295c618f4abc0

  • SHA1

    d9066f9d18f74c297ccf423b1e7bbdc87dd3fc67

  • SHA256

    04c7412847994129e5af7483ec3d90cd60951413b857190da79fb82ea979b2da

  • SHA512

    40c1d78417adedb7f49018455c2dc1c90d63fcde0b8af3b0df82bddef842dc63990cf7cda71c9b42ab8a54f0851f3c5d8859f7ff981651e3601380952302f079

  • SSDEEP

    24576:EyCO8gce52H6yP9QMSWoDVzTmU1btad01UVLGcO0HyAGrGnlWncV/p2R23:TCO8W2HdCaoVTh1btaFLGcO1rklT/

  Score

  10^/10

  redlinetrushinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1