Extracted

• • Target

    d3d9x.dll

  • Size

    512KB

  • MD5

    4b75d83048343fc02744fee64d8ca8fa

  • SHA1

    6fa69c43490661d7b43b6985a223410d713dbed2

  • SHA256

    ec1cb701cc753a1a05d349b1f5da907a3f7c365fbf0d209a0c71c644f27e700a

  • SHA512

    d83871092ba20cc32fedce9627924ff797e8c409b2b07a72c0ec9aa292ac6b5fa64eef6717abf4fd5e135b8fb3e5a68703bd21a2364fcc03970405e71a2fd16f

  • SSDEEP

    12288:FLaa5kL2dwqmJjZA9Esh5gp3bfZOGbdcs2zZ9t:FLaaeIx4vs4p3lOGbuse

  Score

  10^/10

  discoveryredlinecredential_accessinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2behavioral3behavioral4