Extracted

• • Target

    6478031c96701d5e0fa1e55c16489ed864b6e753bae15727e4f636c23ae65754

  • Size

    344KB

  • MD5

    e7d859eb6111475ff6d0a94ba293cad8

  • SHA1

    2d9d9fe4aa31a6b98dd43b20480b0d76b80af778

  • SHA256

    6478031c96701d5e0fa1e55c16489ed864b6e753bae15727e4f636c23ae65754

  • SHA512

    6780afa642e284d4bf9dddbf514779d9d753ec6c5f1dacc5900fc159887c46c677c59684d148e4f891caf90a005f01c912be79769b908afa71de7e018ce2715b

  • SSDEEP

    6144:hLXnlzR0f25ABTExt5GINWDCA/ldktZT8HZCEHgkh2LLaMiy9H:hjnlN0fUGINWD7aiAEAkEL+K9H

  Score

  10^/10

  redlineshakurdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2