Extracted

• • Target

    1a5122337e05773c5517c37d26bae1c9c0c6e3805b775580c9ca9ab6ff304240

  • Size

    362KB

  • MD5

    1314b15be53be99f2b66469f4ec7b483

  • SHA1

    54b3992d9231b578dab8ba73c573f80b12e87757

  • SHA256

    1a5122337e05773c5517c37d26bae1c9c0c6e3805b775580c9ca9ab6ff304240

  • SHA512

    8d143af2c9c72a2c1f3ea364bfb4132f367a5f394e18839d112bd2071bcc5eeb3c972a13902a14b181164f6d95122b528d37b9235d10f6c0a5b02515868aaa6a

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1