Extracted

• • Target

    d12ce7cab695c5e5f6651e10118164a2bd50706ec263286af3a1f9c4d45a11d4N

  • Size

    495KB

  • MD5

    51033d61f3a782bfec52f8d13cca7350

  • SHA1

    08d3b2d7095044ce6d82f4ea46e52972101cbc35

  • SHA256

    d12ce7cab695c5e5f6651e10118164a2bd50706ec263286af3a1f9c4d45a11d4

  • SHA512

    9c09aeba2d23eac17ba5651129f02a4b01cc6ccdd4bb164bad3afa24e5b43337ea08aadd0809e2f63cc053a84b367e48e64efc6ebdc5814aaf7142557d8035d3

  • SSDEEP

    12288:LVYT8EAmbt0A7Y85j9z54lIZwbyjDQxj2xlNU/CqoMip:LVQymh0kYJEGCDGMMfoHp

  Score

  10^/10

  redlinenormdiscoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2