Extracted

• • Target

    c1150aaaa0b895b14d2c00af74166823c4f33bdd1b015ec90a4ccc4761060c28

  • Size

    1.0MB

  • MD5

    5ed54ae5c7383a8a419f7e091364ac09

  • SHA1

    54dcc755457727553aac347a9dfcea051b98680f

  • SHA256

    c1150aaaa0b895b14d2c00af74166823c4f33bdd1b015ec90a4ccc4761060c28

  • SHA512

    4339aba596549a84ff98eb871890b0522df61fe60b12956ee2cab9e7bd7f2e000f6208662c8d8fd65d68bd324c9345a73850c7443962819c31aee4b1b1b78b75

  • SSDEEP

    24576:JydeNwpykhf9NYxrSNATaay8gvDIHJLJHV:8de2pFhluoOTVBADG

  Score

  10^/10

  redlinetuxiuinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1