Extracted

• • Target

    015a132e6a54319fcd78e86f5f6ac554a484c18fe56da11b3ae9a65a607488a1

  • Size

    929KB

  • MD5

    d5ca31e06111f7d67c9d176986ae0970

  • SHA1

    3f9ae81fb604df99168a3bc910806f60bc049d16

  • SHA256

    015a132e6a54319fcd78e86f5f6ac554a484c18fe56da11b3ae9a65a607488a1

  • SHA512

    04abd803f37cf279174564689583b32e46d5361d29c5700646bd7a12a213897187747b481af6c49317812e9856d8193320a215f472c97d78c2ff031895403946

  • SSDEEP

    12288:aMroy90yWYwVe4BLIcF9emIeGkSYDHTCyStz8HljmVikiK+QS479Had9NhaV+Bh:OytL54hIw9em3GmTFHRm9z+5UarnBh

  Score

  10^/10

  redlineluskainfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1