Extracted

• • Target

    1808eb6f26588ff256c9b10375b234d1.exe

  • Size

    400KB

  • MD5

    1808eb6f26588ff256c9b10375b234d1

  • SHA1

    97366eb321d08a208163c45d4fe184b753227a88

  • SHA256

    966d8abd0c9e9ccfaf38c8a492be749847fed9dea13cf73b513a5185c52b913b

  • SHA512

    a9ffb090630dbb58f859955ebecb3ed344f0c8d911c1926a829d6fa2eb199fc44f4f25ce5d7d50e8542f0a4159c6be709b598324ac625c40da50554f325b5783

  • SSDEEP

    6144:L3enLGybhxIojXIbqPx7G2y32e6CoLoyHXjPNxx59/CJTk637eQfnd5YtBD:ga0pXIuxG2y3F6CooCPNv59CJb7d5

  Score

  10^/10

  redlinemilafdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2