Extracted

• • Target

    ec02bed9a1cf512f70ea5915c3075e3b039ffdbc514b5a53bd55143d82b8322c

  • Size

    554KB

  • MD5

    5a9a3d394854a9a8d9de32922c512ec0

  • SHA1

    5b67a447c69affc95f35a2127dafaeacf4fe268d

  • SHA256

    ec02bed9a1cf512f70ea5915c3075e3b039ffdbc514b5a53bd55143d82b8322c

  • SHA512

    fed2af2aeaedde9077a91da3628177ffec1e3839bbf5bc43bf452b1a26ce20122c7470325b5399e9253235dc49a0f9e15612df0a49d5d3b7a0e53a4c446fa14e

  • SSDEEP

    12288:TMr4y90A0QQjS868XuUSxnEFpAWqJ/2+Q4J7DgRDh/hCIA:DyPweb8XZE2T0e+Q+wlh/cIA

  Score

  10^/10

  redlinedarmdiscoveryinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1