Extracted

• • Target

    baaf32104f474e63a3796052e9c892263fa05f58edd7de8d3bccecac08107997

  • Size

    277KB

  • MD5

    6d08b98ff314f5621f656b8d0a991275

  • SHA1

    4d195676dac73d4df0003cda5b29138be94821b9

  • SHA256

    baaf32104f474e63a3796052e9c892263fa05f58edd7de8d3bccecac08107997

  • SHA512

    a3769a130c27bdd2e9a0e66dae166b0ebcd752da51db4b49a6e87417c60e1cbbb7a841831224ba9ad44452a9a157d96133e8005ca1520843d6d7423e66336dd3

  • SSDEEP

    3072:ePjx0ADKrqLOwZzoXhdWgMeEdAngc136aTm/KMoRvjR9cibZj5UnSuRnHMX:aV3EqLOq6hd6eEmbTKKrRN91bZgWX

  Score

  10^/10

  redlinepub3discoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2