Extracted

• • Target

    file.exe

  • Size

    434KB

  • MD5

    291586b8bc2245d21c3bf0f43c82ac6c

  • SHA1

    171860a6716d54aefeb5bd2abc63925f62959f59

  • SHA256

    8e2aaed94bde449f61863a4023750187a05fcf0253317bfc4ac2f04480042af8

  • SHA512

    4b23ca577508b29affa3f8b7ead7657db4eb10dffcbb931b5ec87d5cf16f7cd5f2be45651162d50cfba50108d7657a4ec48c786c106fef80aa31833fbae4f7c2

  • SSDEEP

    6144:1aZL1V2r0uzuKQszsP2whAyl9m1QrPTJrDwR79UZdLaYon5Jk4eROw1g:MZRV4LzujsMeyl9mQTRDwQdin5JF

  Score

  10^/10

  redline@new@2023discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2