Extracted

• • Target

    6af3c9e88a286934f4eef7f46d6d2bee6ff36c59d1b8302e7a38a947fdd15265

  • Size

    360KB

  • MD5

    174b2d5e829a28d20696132d22912a3a

  • SHA1

    65da9e9a82e099e55a864bfcc146c97950983257

  • SHA256

    6af3c9e88a286934f4eef7f46d6d2bee6ff36c59d1b8302e7a38a947fdd15265

  • SHA512

    df891c4b58c9e54b61bab2e9cb20614efd2e919cc78d432642e54978d66b0aa05474ff2a336c6d1d2b449d615c4be69d62d52a1195f9a9b8fd55a4aee5d79e99

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1