Extracted

• • Target

    file.exe

  • Size

    485KB

  • MD5

    46b4ced716b73e7bfc35daa1c7b83936

  • SHA1

    5e1d4219adc65f8da317c21f7e7bb96cb4443528

  • SHA256

    a5965f76ccb6fdb4ec6224186ad0770c2da3c469fa31405b1407c403352e778a

  • SHA512

    6ffad3065d1206f6b32ee8f0f8b9409190fdb30360cf1e4aa86e0b6e7a9fb61115a2b643c10c896f7ce49ea3648c3d83e805d49728756eeb5d74384fcc41219a

  • SSDEEP

    12288:gtRxHnCVQO2aH4FUbgS877NU4DZMLzMIbgvYKywEJ1i:gVHCNBHfbgws8zHbgvYKyNi

  Score

  10^/10

  redline@new@2023discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2