Extracted

• • Target

    8c3d60c8b7dd8b9dc44fb10601d544a5501916c7f8f0bcb94b645525a03a4355

  • Size

    1.3MB

  • MD5

    89a48ed8860af4dd35269854f550da62

  • SHA1

    62a29ce884d3bea870f89efaf9d6e95968ee5b6d

  • SHA256

    8c3d60c8b7dd8b9dc44fb10601d544a5501916c7f8f0bcb94b645525a03a4355

  • SHA512

    1957b4fa414dd068d3ad30b3942dafaddf1b0ce61d89505e259b00ddda020590ea8462525ab681787f2b33252095408abf66113c9583527fc66453455e85292e

  • SSDEEP

    24576:Zyvb/gfHBWE4gyXfcMSF6uBhOm2Ocw9/RfJ73EW/faae:MOHBWDgIfcFhKFw/J53Eoya

  Score

  10^/10

  redlinelutyrinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1