Extracted

• • Target

    3630b9fd9d3d3f24c1b3116118f7068b48c74201938a8fdfaa4d32116d383abe.exe

  • Size

    580KB

  • MD5

    d8f38558bd9c4a83548ba56ef5e31244

  • SHA1

    b9a5780740c0ce32515eacf5880d8d54c1328b45

  • SHA256

    3630b9fd9d3d3f24c1b3116118f7068b48c74201938a8fdfaa4d32116d383abe

  • SHA512

    407c4ae49e4a2c5a6b10fd92819e04f9a5d96cd8518a3181b9c4cbfeca471214eeb5ad34d0b2863beb1848e39dfbf89f8df1b79b625ee667d206f26af41d1009

  • SSDEEP

    12288:EMrXy90ujBwhs/sT6PrijXwqpdIeOjMq5j2mCgjX4:DyvjWhs/F+jgqpCgyOgj4

  Score

  10^/10

  redlinefukiadiscoveryinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1