Extracted

• • Target

    c4abe6f8506a8f156c97d37ad06c37aa68520f7c3481a02251508eb43e8e6ce2

  • Size

    785KB

  • MD5

    c012953d7a8d9aa39337e0e88f056747

  • SHA1

    f3482f68b8210d4807ff2aff3f38ef4303d4ae3e

  • SHA256

    c4abe6f8506a8f156c97d37ad06c37aa68520f7c3481a02251508eb43e8e6ce2

  • SHA512

    21f33515653d617879e76986594c3208192e6d0717be7cb12d5a86b3935dec211dc270efa6b8515b0da6f1727b9b3e3c54931c1e5db86e49045f2262c9a37b1c

  • SSDEEP

    12288:cMr6y90WeDHKSk5XIpv+J8pbfLLPq6oBADYnRqUYjOFWmFaxZubSM4azU1MH:GyVRXIRrfHSFA8Rff+TFaBH

  Score

  10^/10

  redlinebubeninfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1