Extracted

• • Target

    09fb1568b0429656bcf69bf3831c934e.exe

  • Size

    418KB

  • MD5

    09fb1568b0429656bcf69bf3831c934e

  • SHA1

    5f204132ae9ec3a3ede7d33fb0d8fd05c966e799

  • SHA256

    879d92805876eb222643e74191e2599c6816ff347adb16eb2b3e9f091b8893b9

  • SHA512

    8401b37fbb9ddc81a2f03ed6fac4ae62bac0a78222dfda6e7e5eaefe91dc14fd1b72fe9cd61f387d32d077277c55f3cd47c6133d95993b991ba2efb3a58cfa30

  • SSDEEP

    6144:qLyLVUwZSUdwiEEblXQQ6q34kmQAlf5bnKZMS/sa8PPzi6Wb:q+JUw0PEblh3/m5lfZOEakri

  Score

  10^/10

  redlinerambodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2