Extracted

• • Target

    file.exe

  • Size

    420KB

  • MD5

    1f2a7a9a140a2c2c1d71eaa232d0af35

  • SHA1

    14651addc7f126a3f985c016e2cd7f087c31fdca

  • SHA256

    d2bf6df63e6a4d0ca6461c83a7c3294bef954eb3364ed27355f90b54bd51417f

  • SHA512

    78111ee9617e42f16fec5a3d3267acde91a46227dc863e00a3ddd17ae87eda52a4a58debfb48eba3f6113473eb9e44dd5e6c98a2ea569d915ca74d36da560e6c

  • SSDEEP

    6144:phvfLMiEDB/7XRi3EpGJTs/1hfuq4d+lEtcCjkBkIvuuOph1FNng6:phHQiUlrYO1hmq4dj6H5uuOdFNnd

  Score

  10^/10

  redline@new@2023discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2