Extracted

• • Target

    70afb838d618a37666469caad38e1968161a2fa3edc04b5f5b4dd9c214c79e04

  • Size

    237KB

  • MD5

    e08ac068c8478eb737805a6685813372

  • SHA1

    5be10bf44a41eef31f1fd8e0adb07dac4312bad0

  • SHA256

    70afb838d618a37666469caad38e1968161a2fa3edc04b5f5b4dd9c214c79e04

  • SHA512

    9bc20aad1401876a19b10b06412012722dbe6ddfcd86118df4b1bc258f4b7fef83bbafdb6d8c2788fba2ae9fad3541732c35ebf99aa9fcb89753ce02429ea235

  • SSDEEP

    3072:Dah5eBvH/YJRQhygd/c8UJPzWOPEtd+HUI+XS0r7xK8jau+O0vLG8U/jE:c5cPWQEgtWPMd+KXJr7HHt0va5/I

  Score

  10^/10

  redline7163237259_99infostealerspyware

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2