Extracted

• • Target

    05e2c0da5fc5df710cfbd7cae371c18656bcbb15fd695d7d2b6e492a18d56ecd

  • Size

    362KB

  • MD5

    6aae2911ac131dab22d07efbe0bcf59a

  • SHA1

    269c8e881de07ccb4c3acaee5edd5c69ad29bddf

  • SHA256

    05e2c0da5fc5df710cfbd7cae371c18656bcbb15fd695d7d2b6e492a18d56ecd

  • SHA512

    f278d0411dd76c4ba9d47f0e292a6208df07739548077996b71807aed694ecda916cc458005aa650577c3aa157d37ae05955f0cbdea878bf20ab751665858c51

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Drops file in System32 directory

  behavioral1