Extracted

• • Target

    Pi8xO5cg.exe

  • Size

    926KB

  • MD5

    f0b4d25910eb7f5ffa4677bc4b31801c

  • SHA1

    aae7f545ce74669c28c1f88c8469bfa0fa560ebd

  • SHA256

    e5af4a340b7d5bdfdc93d5164ea8f6d834472de845ee868a93af8ea06595bee8

  • SHA512

    4b977b6a6c86824d6f7d762c54e775447a676d6de08aeb42ddae512ba8104b072383891864b2e3599d4f2658ea5d39178068006a4120e9da96647be63fb0654d

  • SSDEEP

    24576:0yTl259h0Wal1+EN3eotQUdNEVdBtBJjjsX8HmkfGKc9v:DTl89BqdOordkpBJEX8Gkftc

  Score

  10^/10

  redlinekukishinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2