Extracted

• • Target

    f258901b9f7b8db84c8f83a005aecf5f83797d8be4b55e5366dd5139acc05ffb

  • Size

    1.0MB

  • MD5

    2210aecb492158d85f1cdff754eb9730

  • SHA1

    9f87c4ba2fd38a7fe8e225bf1865faba7e7b82c6

  • SHA256

    f258901b9f7b8db84c8f83a005aecf5f83797d8be4b55e5366dd5139acc05ffb

  • SHA512

    41efac99b99996d110c42e3dd7afc604ab50fe6c66770a8e42fac428967a6eb57cc6934f08fec18b83f673159180d8603df71a510782e54c325cb5f7f8ccffe1

  • SSDEEP

    12288:r7DsAxREsrUcKpS50hmzUiTCujpUtKDII7zxG9aKC2emYujQ5uK8zp3gFNHZfo3:TsAxysrUcKpS63WCQHxG9alFuwfH1o3

  Score

  10^/10

  redline@oleh_psinfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Uses the VBS compiler for execution

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1