Extracted

• • Target

    uJ9LL1Bk.exe

  • Size

    1.0MB

  • MD5

    dbdcdb1cde294de9c8cbddee99e0f8b0

  • SHA1

    5f8ef1045334298376161324e4ecce8cc3d86192

  • SHA256

    4350b190efcec9b78992be24f5131c24bfdb0617d1297aa74cdf96692b2ac056

  • SHA512

    dcea87b7d4bea51cb31a7034cee7244892b41f931302ebfd4c8b8c687950a28ea8d16aa191616bcb06a4a29f30e15410f525f26daf205d0802f86a5a2973ee18

  • SSDEEP

    24576:py6Kqw223NAhePQJRmAj67tEbqFNldBdhjHTDlPF:cRqnnA1Eb6DdJH/h

  Score

  10^/10

  redlinekukishinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2