Extracted

• • Target

    f6d58e185ba6fad4260b162bc5b24e32.exe

  • Size

    278KB

  • MD5

    f6d58e185ba6fad4260b162bc5b24e32

  • SHA1

    dd16b8e997cca52f61d43265e21609e6ba240c38

  • SHA256

    c66cd92a155b70f1335dfcff0825bf851b4b1e9c6ea53e6d6087fd87df8ebe50

  • SHA512

    4aa28fd978b7e1a2bb8282879951a87e302274159dd024d01aaaf63113793d85500a5867da5d8b291448e885822815f12f6515c7c53427f8c3a25a539c95b563

  • SSDEEP

    6144:dLdKKm3Lz6nOxFaQyOhOjLdaIFPT6C7hHAl3p:dBKKAH6OzaL8ObPT6SHQ

  Score

  10^/10

  redlinefredydiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2