Extracted

• • Target

    e0f318560fad28284276f0827816f0c69fbbeb8691069f74520ca89caa0285cf

  • Size

    16.3MB

  • MD5

    d43f533b64aad56fd57f9495a148799f

  • SHA1

    3055cdcf5144702017c4cd434039c4beab212ad4

  • SHA256

    e0f318560fad28284276f0827816f0c69fbbeb8691069f74520ca89caa0285cf

  • SHA512

    be996d12603896c81c67f7bd9b862834592057153ffb85d2b39f4bc8cdf10f468d2ba54f1080bc856df959f84e7d9ec0badfcc49be8034282647c1861aa2f1bf

  • SSDEEP

    98304:7TVcrqDTJOrUoRczvVUon8Hhrldx2LJvuG021yQEiCn9CI7FgG2LNm6mcIAxsemh:7Tin6KoaFuvuGt1ypimVcWejq

  Score

  10^/10

  redline@ytlogsbotinfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2