Extracted

• • Target

    6df2e7ac9da43be524acd6ec7eab4b46d66124650809e642372c709904665f0e

  • Size

    362KB

  • MD5

    0fcbb38add32a0d699e06313f2347aa4

  • SHA1

    97cacf68a79797bafbef5e88de2f3c8b5596411b

  • SHA256

    6df2e7ac9da43be524acd6ec7eab4b46d66124650809e642372c709904665f0e

  • SHA512

    174229120762ce6ca4a772a4bf82beb0a7f2d775868db2ac6163b477c3bca988f3260444732da997313b39c63a4fe931504a187e8507ccc2cf124046db0280a4

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1