Extracted

• • Target

    f61e85b6e2580ab7ed1e7ecd1141d8ee531635513ba524cfaa54266c540b3261

  • Size

    875KB

  • MD5

    72dff09113653c4f8785c7b0a3ae828a

  • SHA1

    752dbf3ecca6600eda2da64eeff4478c3466153b

  • SHA256

    f61e85b6e2580ab7ed1e7ecd1141d8ee531635513ba524cfaa54266c540b3261

  • SHA512

    a0d740a63e5b1e1c532f45dc4f8d63147ca113c9cc0801df7b2e1d1ebde15559f853c94c155348c3ffb2beb157d3cf745d4f28c553ac0251d906cfa308338ba7

  • SSDEEP

    24576:ryEyzdmXxNA+AeTXHS9BPM7ajY6DntxtZ:eE2dCxbLO0e

  Score

  10^/10

  redlinedimasdiscoveryevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1