Extracted

• • Target

    cdebfe7146a1a02ea3e17fc71a17dafc.exe

  • Size

    408KB

  • MD5

    cdebfe7146a1a02ea3e17fc71a17dafc

  • SHA1

    63dc07a5b73d510dc705b3864250c6934132371d

  • SHA256

    4936f9d0aa8e00dccbfca1c2bff2687c8e029479121b77863cf43d8f3b08a509

  • SHA512

    45d5e3ed9a4865d0f3d12aaa5c39f04b298cc6c46e3db1f22c3e251eb3f37b8fb9607bd6c9e31afe65695c84bbaf99b6d19e9722c21233478129aad94ab13224

  • SSDEEP

    6144:wYPL3QHZ77YFx1fTlMgJb0zq9174b5mjqo5oI+x3E5:weDQHOFflLbTtU5m5w

  Score

  10^/10

  redlinesportdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2