Extracted

• • Target

    d676a9e194d2442e057bd9d03fdfd1f372ca72816ca4fdbe9a243a4626bf5bae

  • Size

    488KB

  • MD5

    e43fde73b3f3d42bd413a53824009289

  • SHA1

    baf351fd6d27595722fde16b13da4aae37afb229

  • SHA256

    d676a9e194d2442e057bd9d03fdfd1f372ca72816ca4fdbe9a243a4626bf5bae

  • SHA512

    246a630f3e355c541d7a103144fd801ba178a5111d0b8e4423cb0aa2d9f2d5e1c81665c24f7fde81181b5ae1f6483e859b395548db89e229b9687c16dbec6f1b

  • SSDEEP

    12288:NMrcy907KV6/xteJadHqfRSwnM1gUPt/mp7zsBo:FyQlZXN01s2

  Score

  10^/10

  redlinedippodiscoveryevasioninfostealerpersistencetrojan

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1