Extracted

• • Target

    4f50d238b64d200099cada6ac7347351d67b70b8d1474e48075423a60020b438

  • Size

    396KB

  • MD5

    fe8660eab639b0a467adeedcdafb1a3f

  • SHA1

    f9bf6b28f2d40744f41fef80dcb22bcd0312714f

  • SHA256

    4f50d238b64d200099cada6ac7347351d67b70b8d1474e48075423a60020b438

  • SHA512

    9737f98c0103ecdabe3c6bd0eb5894d449a16b82f84822e1e01a770b432e8b8eb1af772af87c7f94e6c2cbcea0b7909985eb31b583c2ef96bd037c733e08a168

  • SSDEEP

    6144:tgizLx6RSZEHpllIZM1X3tnf7WqUyuNswFVsILwMQF/fAd+84mqMoIxfAd8M:SmF6gZ8lcIX35St9J6FwdHqM3Id

  Score

  10^/10

  redline@2023@newdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1