Extracted

• • Target

    69dd97850f63fac1927313fb9983ab58

  • Size

    1.1MB

  • MD5

    69dd97850f63fac1927313fb9983ab58

  • SHA1

    6b8bca9b8e5e8b32f198c37c08358533bb73a16e

  • SHA256

    84904a91de28f8aff1863d9831dddea0110e94761287579926e843b1b4046608

  • SHA512

    e59677426f60c3d7bcf36f5d12cda37e456ab79af45fe36506959f4da4215a36711b1399edc0dd8b9d65e6818c3abf2d8a111e9e90e6d2dab491e27a6554e526

  Score

  10^/10

  redline33344discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine Payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2