Extracted

• • Target

    bd5e1df33a76b9719fe3f60ad48b2dfb01cdad94d4f2c99581c05a1fbb3d5616

  • Size

    1.0MB

  • MD5

    f99c5c9fc1560fb86615e96e48cfa3f3

  • SHA1

    b8d92f1a582a91a0463d73040203cd0069eba825

  • SHA256

    bd5e1df33a76b9719fe3f60ad48b2dfb01cdad94d4f2c99581c05a1fbb3d5616

  • SHA512

    8ca52687862b04e12166ac59080793ad84af5c174c33cde7a64de624365810fdf05128adf4b43f7c788cb9298868578c543f07c7f0eba97d3f7b1143ae1297b3

  • SSDEEP

    24576:vy3GUUsu+NJTynlFlT7ogBtRoqs/dpbdKvJjg:63GU/u+HGnfCgBtR7mdp5Md

  Score

  10^/10

  redlinebubeninfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1