Extracted

• • Target

    7be2d6a309b966ef0ee162834c9077813eeb1c30ad60074766eed4388a17f2a6

  • Size

    954KB

  • MD5

    d91e53962f8a6e0d7022eaf0122c6e81

  • SHA1

    6abc5b6160b315746b941cbd3399ccad56dd02de

  • SHA256

    7be2d6a309b966ef0ee162834c9077813eeb1c30ad60074766eed4388a17f2a6

  • SHA512

    6d8b48b92fbd195a65d60e7e66a9178c88190338468219004b7a2c39c20ef71c5a8d5884b6fe848d24672a6dc66eca62e573bedfa7dc9e8def4cec99b594ed82

  • SSDEEP

    24576:Dy9mGN2po5JRnXp4oOXajw4HUCnjabrM7ZlBGURV:WsGN9bZuqjn0uaPMtlBGM

  Score

  10^/10

  redlinetuxiuinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1