Extracted

• • Target

    1c79f28429400ca9cd6eff37e0de908abe7105b2cb6a57e842a04bafcf3ffcc6

  • Size

    361KB

  • MD5

    685c0049918c335a4c13fd67df6bc5ac

  • SHA1

    45b5f48100156affc16574f1762037c417b6fbfd

  • SHA256

    1c79f28429400ca9cd6eff37e0de908abe7105b2cb6a57e842a04bafcf3ffcc6

  • SHA512

    6e877f422a8b6bdf814a44f5c2fd688da347b65bcb434caca884a8d5cea0283b22555142f3c744cf58b22803511256504a9bc1af34efb664f54b0bd7d045c811

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1