Extracted

• • Target

    879fcc0afca0f29716d7f21f7c09aa036b19a7a31686ee05861c345a24f06bd6

  • Size

    363KB

  • MD5

    a735b34f08909dcdb48b461878e395ef

  • SHA1

    2e3cc120d13e115ae1492161ae683c9b04f7d501

  • SHA256

    879fcc0afca0f29716d7f21f7c09aa036b19a7a31686ee05861c345a24f06bd6

  • SHA512

    57b3f39f3cb26b31fe71c976007c68022f8520ece8a577863b1cf3cb62addeccaaa3106f50df705145058e8a458db957e9953d80c3116cce04b41b7ee5ebb6f8

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

  Score

  10^/10

  redline0002discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1