Extracted

• • Target

    4b0a154e63667842a1ba7b011338281f00b35b9c72a6444412de3a9afcd23552

  • Size

    536KB

  • MD5

    817bf223240befb04b72e0ac1535d1d4

  • SHA1

    ec37ecbddfd840faa0bb07db181ac65b74913313

  • SHA256

    4b0a154e63667842a1ba7b011338281f00b35b9c72a6444412de3a9afcd23552

  • SHA512

    1a408beb4b42410cf2f961d98d4dd48bbe3b2608f3307cf21bb62aa0306e247355baf2d5360c08705c717eda9135c9a6a0b9765885af8feeb33887987045f5ae

  • SSDEEP

    12288:qMrIy902Fxt/spaPiZzYTsMs0dncPlW8xEcLoAf4rbGkhWN:ey5xt/spaPiZ2a0dcPl91LZMp8

  Score

  10^/10

  redlineromikdiscoveryinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1