Extracted

• • Target

    b2ea7a9d25b82319f1dc39b3da1dc38b.exe

  • Size

    383KB

  • MD5

    b2ea7a9d25b82319f1dc39b3da1dc38b

  • SHA1

    a9dfe41eaad0b74db20bb4ee2daa890d00d7b3dc

  • SHA256

    ec59c46ebb679e7f4493c95caf7fe531a53070f8575fcb6ddee5754bfbcdc5ef

  • SHA512

    547c2a364ea549773adc464255bf548fa3b138eb1c1591ca4441ab17c5ede68248981a965d75170994e5ba0855548c24994ee8c6d5379f29911418c382a55731

  Score

  10^/10

  redlinetm2110discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine Payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2