Extracted

• • Target

    0241045ab5912d9b68c02df8f703c7dd8cc62b7f4013b76d06d3c1faf9d03848

  • Size

    412KB

  • MD5

    ab5e612769f8b7b6e03871af002d09df

  • SHA1

    7b4aba3079b6fa4d6f04a018615f7c70a3ef7ff2

  • SHA256

    0241045ab5912d9b68c02df8f703c7dd8cc62b7f4013b76d06d3c1faf9d03848

  • SHA512

    7fbf22032f92e4508eaba3e74d8e9cbaa03c623e71a88b687bb26a023c177e02ccc70e7c60d3aa0e1416cb368910dc49c7ac0e98f7b510e933958eeab4d2c80d

  • SSDEEP

    6144:GBrqpaL2WoEQW6uJcVVaLI37OBtbdW9xjrX4lO6fE6Nn:waaL2WoSpJkaLIylUtrDJ6N

  Score

  10^/10

  redlinenanoid2022discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1