Extracted

• • Target

    323b4c54e89512e302355e4896b792a92cf3561f84653b44a5cefafa45897f93

  • Size

    362KB

  • MD5

    809b70ada56b03c9e136e27994573853

  • SHA1

    f821c36fd044a0c4626f54a57d35bfae14102f20

  • SHA256

    323b4c54e89512e302355e4896b792a92cf3561f84653b44a5cefafa45897f93

  • SHA512

    08af35941c61ebc003340ac92acfa7a3837316774b79877dd1a11549f6bc76d4a9d26f304b486e7cccae1f7debd194a0507185b66988cc8a4c1b4f9ad0b459cd

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1