Extracted

• • Target

    fd7cac1e616ac9fbce17dc97d40b9f1d6b21f72b979636b9822b16e56e617abf

  • Size

    361KB

  • MD5

    37642d204cd95fda703cad7075ae352b

  • SHA1

    b34dcccf4e60439b9e5a5910110b883a4c9243c8

  • SHA256

    fd7cac1e616ac9fbce17dc97d40b9f1d6b21f72b979636b9822b16e56e617abf

  • SHA512

    d919da2952d10d9b9406a483780ffca0d928bcad1023640d90426250d6966bcfee34fe29b2a80d8bdfe6ec0cc34e16c0d2e4c8975c8238e9bd4b86250cff7dcd

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1