Extracted

• • Target

    198fb046e30bf3991f698eb296859c4c5b1249ccb2f268cc4107dc472ad66d87

  • Size

    459KB

  • MD5

    b0a20a2f6a79f9773374de2933842093

  • SHA1

    21a95d3952dceb1bc16292a7dac158bca3197346

  • SHA256

    198fb046e30bf3991f698eb296859c4c5b1249ccb2f268cc4107dc472ad66d87

  • SHA512

    e8307dcb4c63e33851513017e6b11e244bbe1a61953243afb42ba6dafb83ee53f0120eec32fcb3d32ea51133d5d4824503261eaa34721d5a3796a51e98e6c936

  • SSDEEP

    6144:sTdmIxLcApQzpPBfePvfR4lkiyKw/LLwEnzST11bqUhD07oUDyhOYuRjMgU:ssmZQzKPv9dHDLwzXWUh4/DyARQg

  Score

  10^/10

  redlinenewdef2023discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2