Extracted

• • Target

    file.exe

  • Size

    380KB

  • MD5

    6a7563d62f1c2dc37f851078e0582000

  • SHA1

    cceb32b53d4ffa5ae02576209a39f0540afa7873

  • SHA256

    eac0699a65b0bb5a891589fc5bffbb8de35db577f9292b8d1d43fa35b6b1df60

  • SHA512

    0248d496bf4da53c66d9d6d59b7ad789c86b3163e240dbc770750beb0edc525992278ea48778655c9fac66d974a671df11f8d198cdd34cdfd60b73d19989fd89

  • SSDEEP

    6144:KBLNdiacxywhv/KenhFORi7WyLhK+e+eSQzpk31eG0xHji+Vl7l:KBxdibxj/nSRi7ZQ+rerzpkn6nX

  Score

  10^/10

  redline@new@2023discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2