Extracted

• • Target

    ec14eb67fa563b9ee26c13862c5a952d788b3d79cadafef49cdac81db46d441e

  • Size

    361KB

  • MD5

    1e74c23c1da6cff39ffe14de58ee0cc8

  • SHA1

    2d64cb7070da871df6bf9fcc119f009d20c448a1

  • SHA256

    ec14eb67fa563b9ee26c13862c5a952d788b3d79cadafef49cdac81db46d441e

  • SHA512

    df1d5fd9c74d31d5af158d367cc92fe9e03ba23d7cfd408bb6099225fe361a6b4c68205f28d79f6a82a9f2ce3859559c0a2fd718d08def62759ea7580e6ac4d4

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1