Extracted

• • Target

    321d2072d365e92263816984e3e7bc9db7814e33380a3f38ca4e40367ccfe9e9

  • Size

    1.2MB

  • MD5

    acbf8683393b9f3e772313dd600e0986

  • SHA1

    549e107875291828c5462e38a5aebb8a66c8d2cc

  • SHA256

    321d2072d365e92263816984e3e7bc9db7814e33380a3f38ca4e40367ccfe9e9

  • SHA512

    1af8881858e860ce7ab77de83fe54f54faf8ae58aef22f47929f9670671a171ffe1a0ee539a338352320f2110b124625728f7cfae2cc32be300322d398e33407

  • SSDEEP

    24576:AyzZd7YdcdW+tqqs7Yw/HEq4rEZbkupcCW+h1hqAduntjcSpgTfS1:HP7UStq7Yq4Aoy7Wu0D4Spgm

  Score

  10^/10

  redlinekukishinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2