Extracted

• • Target

    NEAS.c35b3c8ab793422bebcb98245a9f0a5e3bac0daf3d840e8821354b8c2eb21e7a_JC.exe

  • Size

    1.3MB

  • MD5

    fe1dc9716dcb8075d1464fd805826986

  • SHA1

    4bc70b102a2a535bf54175743484163ee78bb799

  • SHA256

    c35b3c8ab793422bebcb98245a9f0a5e3bac0daf3d840e8821354b8c2eb21e7a

  • SHA512

    f4be2aad57710a51145eaad594d1df061fbc332fb1d34230eaca81c317595759a31c66d77099119c9a097ebd58bb673f2b4c13afef5d7b70efc3cf6949b27775

  • SSDEEP

    24576:LyJqcvXB3UAhZbi3f0RsWD80Z3oR0+EN/+E0r7ba/FhzAiVwsWStOfJe:+Jqc/B3nZQMRvYA3oRje/+Ee7aAlsWbJ

  Score

  10^/10

  redlinelutyrinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2