Extracted

• • Target

    a7c8718232d62ba7f6d4df516ed763d5.exe

  • Size

    412KB

  • MD5

    a7c8718232d62ba7f6d4df516ed763d5

  • SHA1

    454096aea49770363e645f086fddc4fe311aaf8e

  • SHA256

    2ddbf855aadd7387d97ab115a0f4b80abf71e6f5b0784b29bc9b3a1f67b12917

  • SHA512

    6a05e0efdd9177de7ed043bbaa01c49aef5480b3e833456cf61afe0d69fad92eabbfd85708db7e9225da9e668295deae1da7aca66c70d829ee7861ff40fe7128

  • SSDEEP

    6144:YUXLysevCvVk80hMzeMM4EAT50L3u3fpFf26cyIxZ1WqqdS091:jXOsOCiMAy8+3frf26cdYX

  Score

  10^/10

  redlinesportdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2