Extracted

• • Target

    1908-57-0x0000000000DA0000-0x0000000001872000-memory.dmp

  • Size

    10.8MB

  • MD5

    d6e9f067c1b62542f7b277b50e1c1f16

  • SHA1

    368372613275bafd06a3d00e20198305bdc47ebf

  • SHA256

    f473e7910b282581adbaf6123cd1632d2c2241642cbc304074c5ced99b7cc409

  • SHA512

    f99e4a627ce4eecfcef55448e353375a5ef412cc0a2b7e05f463450dac766771402c696ff1972f9e9be02b55457ba75893f4fbba9af98303853ae2b74e5df602

  Score

  10^/10

  redline1488discoveryinfostealerspywarestealerthemida

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Themida packer

    Detects Themida, an advanced Windows software protection system.

    themida

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2