Extracted

• • Target

    2dae85199cef5a4596e5bb6372a14c8dcd66f2fdbd7c0.exe

  • Size

    354KB

  • MD5

    abab29d520104b7edd956939380a50a8

  • SHA1

    30c35697246ac160da07cc33731682c0c531fe92

  • SHA256

    2dae85199cef5a4596e5bb6372a14c8dcd66f2fdbd7c02a1756736a660222e36

  • SHA512

    49be3a5e3fb31f9df4f07296ada4696d82b09021657b61e6aaa4aa0913b035f396c7e082298b2ec72b22a94c310d0ad195bb257599361b4c5729499b4f5a9487

  • SSDEEP

    6144:h0bcj84LvhN21wHRrTKuEkBl/V8tOuiWiyw8RW/fpy7c12N:h0bco4LhN22HNTKuEgGeymE

  Score

  10^/10

  redlinefotediscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2