Extracted

• • Target

    ac08d04e9fafc4bf8d4ae8880dfc6736.exe

  • Size

    335KB

  • MD5

    ac08d04e9fafc4bf8d4ae8880dfc6736

  • SHA1

    48d5ea799400caebc1f2c572dec2813fd9e46893

  • SHA256

    58f3394fd637f0849ee49b99dd66b868c12d8386f47fd39821a0029f4b0fe5d2

  • SHA512

    1c9ccc64e43dc9148750a7ebb55f57638c18bd1a49d7e9f372a26827aa7de8191ea35b93b576a237e8bbde761880b47a6e7024cda437815a4805d526cc37cdfa

  • SSDEEP

    6144:mWgsCh9LiV+7+d4ZRewkF6CB4c0QjVzP05/cdxpx1mM8a8YH2PqXaUx7FN2:mWXU9WV+7+2eNF6CKcpjVzP05/Chlv8G

  Score

  10^/10

  redlinefredydiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2