Extracted

• • Target

    4ffde68b73fe6a3c75d6d7dbda8a3fd7f7e46ba9df640fbce68e91d94be41d18

  • Size

    643KB

  • MD5

    3afaa9ac259d7998352eb34444610e90

  • SHA1

    28ca1f2169ca893b0246e351db284f0acfa3a0f3

  • SHA256

    4ffde68b73fe6a3c75d6d7dbda8a3fd7f7e46ba9df640fbce68e91d94be41d18

  • SHA512

    b33241033afe723f5645cf4fe2548e5b99289227540d53decfe728a0aba07e9b3ff08e80a588a3e537c9049f1da084ab17e823eb1ccbcc4a2c6d1a8ce68629ef

  • SSDEEP

    12288:GMrPy90ZpnkH0gRVkR3uKZKHJ5wnH/HdjMjy9sjr4g+Mi:By6C0MVkRroJYzEcei

  Score

  10^/10

  redlinedarmdiscoveryinfostealerpersistence

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1