Extracted

• • Target

    Executor Injector Installer.exe

  • Size

    2.4MB

  • MD5

    3fd79871c74d377df8940f06ea8c7ac0

  • SHA1

    301353d765055c09b2b893afa7b3d4c12f97ee2a

  • SHA256

    ea9743d1ac71e9032addf63319eb9fd5f403d9d7687040c098524c0c85fe27d0

  • SHA512

    9a18785eb56c4c50a172fa9e4348124fa301addfe88d8c9aa440ac2135155bca29294f7a484743e6f11692bf7c804c61708d0351e940cbb2001b6a871ea702e8

  • SSDEEP

    49152:R/l6UIyFQzWJ/VIj2+9lKuvCb9SG4KCv/12DAN0rKOWN8O3b0/3GhiIAzP91:v6KOCtd6lKxbjMX14

  Score

  10^/10

  redlineinfostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Loads dropped DLL

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2