Extracted

• • Target

    f1b8b1183c3af56672b2ea35fa1999c39b83af837a6554d08d31505e3d1f4b42

  • Size

    1.2MB

  • MD5

    dae0cdc6ad6dab61e261af2bb12e1091

  • SHA1

    d163c1474edd87975abc4a55a39c45386e9eec43

  • SHA256

    f1b8b1183c3af56672b2ea35fa1999c39b83af837a6554d08d31505e3d1f4b42

  • SHA512

    839a7600af362a8182331d2ac3daf3543d740851a32169cc0f24d26ea6b9151713b84168098ab5095cc9a4f86935cbd34dd36eff38a8d8d2502ac00ac74a5e43

  • SSDEEP

    24576:eyYacIqCw31IvRA+OjR0ITU3pRg+opz/QpRcQZXE6q2qCo4i4osDJOTz8TZV:tYaZKS2Jj6oGgzDQpRcgEbyo4i4osNC

  Score

  10^/10

  redlinekukishinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1