Extracted

• • Target

    BoltCheckerV2.exe

  • Size

    17.5MB

  • MD5

    a650737d924ff2fd21478e4529bb1b08

  • SHA1

    b4c0b3df300104544e9a1d659e286b0de5650eff

  • SHA256

    50b5014765d80e10215e4a33df9f6b62cf174503437d7fb1e8efc2f9197b69e1

  • SHA512

    2c755955e15a3ab3e1d15e06c03ad4157dfbe1bb11fa601499e94a798289b1e66b345753f2d305cb5c2e0abb61bbd6efa8937f66003302fc026ed851f6cfa842

  • SSDEEP

    393216:JQ782hu7O7vz/61OJLJYU/VmxsYUQll9QyhslLmi4mpNz:+78Mxzz/6UJYwV9YUQlALmQvz

  Score

  10^/10

  redlinenoudiscoveryinfostealerpyinstaller

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2