Extracted

• • Target

    ad44e5e025555e4f5d9d30d3205142148f60331d9f74f9df6e50293008ba31ba

  • Size

    360KB

  • MD5

    790a20570e2ef3463bd5ca0b5067cb15

  • SHA1

    c4096e9fcf034eda646d8b5dd79ede876b3df3dc

  • SHA256

    ad44e5e025555e4f5d9d30d3205142148f60331d9f74f9df6e50293008ba31ba

  • SHA512

    fb8e5a56482c4ebadd403c22be1259f1574dadc0fa5a9d2a882ca87b871189516d9edef4ba8537bad804f9c53a57f3af13d5f7adca161f17dd17f2f4625616f4

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1