Extracted

• • Target

    aa0391cbc9a77ad34d11fd126a4c12e9b8708bb4386373f0edaacf0f2f89648e

  • Size

    361KB

  • MD5

    38ef96f61d80df8f5a906a11d24b01ce

  • SHA1

    563c23694751b5a2157a20f8b60afc1256744b7c

  • SHA256

    aa0391cbc9a77ad34d11fd126a4c12e9b8708bb4386373f0edaacf0f2f89648e

  • SHA512

    78f048e72e4dda3005a4a9dc6c65f6e02d936d32188ec1c8e4dfe9a31748ba9728b0ec90038b02e066d4122ca850f083fbf044fb7f4a935b1aa578d0b6acc182

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1