Extracted

• • Target

    tmp

  • Size

    175KB

  • MD5

    a7836eb23a023808fedb12c080314dc7

  • SHA1

    f7a3d881b8a3087b7cc8e8b2efd0efa2d745e49b

  • SHA256

    bf5e49b09c2c5a21efb1b68d246fa57ecfd37f77e36b087f785f5079096f416e

  • SHA512

    78e96bd870ad4a36be3599832acba2210722c350b3970adec7c0ac0186ecd3639e28efa18c193a520fdf157ef4d8d238f60f2d8cce748b797ffeb0ac9614dc61

  • SSDEEP

    3072:ExqZWWFa7E6T8WDbta4keK49rh+7xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:aqZPWDbtxLrh

  Score

  10^/10

  redlinesw49discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2