Extracted

• • Target

    e3088cb834940b48c6ffee47d929a9bd2c8efd4dcec858db2d91b29c6092bde5

  • Size

    1.0MB

  • MD5

    b06840b63bacef9f1f70cdd6f67c272c

  • SHA1

    9f1bba3c8db0bd507bece750148d999a10f5bd15

  • SHA256

    e3088cb834940b48c6ffee47d929a9bd2c8efd4dcec858db2d91b29c6092bde5

  • SHA512

    bdaa144f34aec2faed3a69ca1a3555b46c6f9de93a05a352999f56b6fb06793709b7d8a96df28ce9e8d4afc1375ccb4b67d640fee28a14cb876a1ac0966e3dfb

  • SSDEEP

    24576:kyK/5L4KldUdoP/lImTfnT6SuXKWxLXStSgOKu:ze5c4qdonTfnTtua0LitS

  Score

  10^/10

  redlinetuxiuinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1