Extracted

• • Target

    0b521313f61cb070b50cfa40c898023ff3bb51fb4d428c98c194aa35b2a35940

  • Size

    404KB

  • MD5

    6fa0443422194c2d17c3aef834fdee22

  • SHA1

    4e316d7bc461243625e7f5abfbda2cceb5f89006

  • SHA256

    0b521313f61cb070b50cfa40c898023ff3bb51fb4d428c98c194aa35b2a35940

  • SHA512

    25ec55d6c97884a9e784f4e0522082a1de29d57c278ef4878aa6064a54a1ea66539f52506d904ca9fda11391b7e32acf6cfa4c4530e46570cf27df064250f407

  • SSDEEP

    6144:NLjDeAelNcH3pJ5NGwfuNJUMiV3t3+uyVEYvqz+3ng+E49HwchLP3i:NreAmNQ3pJ5Nz2rSdkKBwnVZH9P3

  Score

  10^/10

  redlinenokiadiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2