Extracted

• • Target

    8d573554aa963010f6c7420f0a77d8b75fcc6517268e71ddd58cdf879406c8a8.exe

  • Size

    428KB

  • MD5

    31562a3df353729b80d39c27a2b0afcc

  • SHA1

    2928d661faac47435c5c15d329ee1f10719003ee

  • SHA256

    8d573554aa963010f6c7420f0a77d8b75fcc6517268e71ddd58cdf879406c8a8

  • SHA512

    24e70e07364ce8df564bfef4fe3bee32ae5df2e15014d45f4c67eb9a96bd31761d3d858a183e5af31168e8b9d37be4552cc22464cb54c000a8bab66d5559243b

  • SSDEEP

    12288:Y+Rew6JNEZSW/BsEcUUBnlBerxqzpQ6ijqF:feEoQiEcUEn69kK6Z

  Score

  10^/10

  redline@2023@discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2