Extracted

• • Target

    add5ae95192fa632a30b679e934ff16cd46c8066e93e463eb63dee4cf273494fN.exe

  • Size

    426KB

  • MD5

    a1257f7a46a4a673686424ce6f13ef47

  • SHA1

    566a2f459abcd182b7079ccba7ac6f769a9de1a9

  • SHA256

    f5462acab2293308d6cf217bd6eec6ee6c95343ba614f06a19676467cbb075c5

  • SHA512

    6ef1c27dd8657403a40562443f3f282fa8a1a7bbbf1e950b21e8c17a2fe741f2ee0692e3245f0b6000c2c444ce9d33095391cdbf67fcc415f85fa42f01b0b91e

  • SSDEEP

    12288:KyoQSinu5Szy57qqJhqwssURyGkCH/9Jzu2xUJ7+YN:FoCuIy5+qJOsURvd/9JzBUR+YN

  Score

  10^/10

  redlinenormdiscoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2