Extracted

Extracted

• • Target

    87029f9f74ba90a655d0179c4723faed84d8836de3112bd17b7a74f8ee06531c

  • Size

    773KB

  • MD5

    f13783a46a95e4ec45b85c014194e58e

  • SHA1

    96a86993841629b8adb22310b3120a1df770983c

  • SHA256

    87029f9f74ba90a655d0179c4723faed84d8836de3112bd17b7a74f8ee06531c

  • SHA512

    3299dc933338e44fa86ba6f1261dc0bfb4e76880989bc20294bda91eb78e118c1d309972d6a653b58a37a6094c584408f55bb362301ebd15aacfad624005f829

  • SSDEEP

    24576:zyIp1jz8mV4u3dPEOPYBHgbWmiJWxiKiUq/k:GIDv8s4uTqHSWmsWx23

  Score

  10^/10

  redlinedantegenadiscoveryinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1