Extracted

• • Target

    thisIsScary.exe

  • Size

    746.2MB

  • MD5

    f359144193a123071150ae6d7c998a2e

  • SHA1

    f521e43219ec31925397cf358b0d965f0597ef5d

  • SHA256

    4297e5866beebdedce1e28b89724a9853af982bc39988a38cf3c70db2a98c86a

  • SHA512

    c577cc3ca0354acb1333ebeae9b4abd50c088a68fa3bcdd499404f38c8f05b79a3322972d3ff5a729fc89ad4b72f224173a16e8d7f22929f6f41b5b50369baba

  • SSDEEP

    24576:3R49/r0wcuSm364suiUv9poYGOecJz/tzYUl8RvIGLlECdB8MIw+RY6ATLZFAgYq:A/Mm31/oLO/58qnRL6LW

  Score

  10^/10

  redlinexmasdiscoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2behavioral3behavioral4