Extracted

• • Target

    05f2dd3d2dacc8633d402e404d918e79.exe

  • Size

    425KB

  • MD5

    05f2dd3d2dacc8633d402e404d918e79

  • SHA1

    4de9d36037feb708c3229dbeb2f202398fb4f221

  • SHA256

    66e93e6252ac9c8f2a02c121abc6b4749c67b131ba0d21b39ef917e695ac84ce

  • SHA512

    e9a50a7f48d1176725110cf2ae48d2990f0652fbfbcbc02e524de464a853aee7381286500d8ec4064920adee32eb38548c2f838a8c93ea683fa0cb305aa3efcd

  • SSDEEP

    6144:0ELvIq0ciBGJzBIlK8oB8KmIkNqX4FMT3quk6or6:0ErIq8kJzklqEMT3qrD6

  Score

  10^/10

  redlinebiloddiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2