Extracted

• • Target

    w36wm60.exe

  • Size

    367KB

  • MD5

    b027ebb3e70d7bc51c75bbdfd85ea392

  • SHA1

    89bea40a9f34e998af07884e9a3da1df21037b2a

  • SHA256

    0c7a52e23934ed22905ccf78982f546ab0a36f92cdc64bf1cfddc7b4cb02d0e3

  • SHA512

    4d51137bd5c210f57198dd9f08858415ec2b5f4cd4324651bbc4b0127fbcfb1486b4f5f2add49602afeb340675ba3f37344ccf3d728039dabf3411bd547f0a4c

  • SSDEEP

    6144:HLxIKg4rn4VKUBZd43fU8JidT2CfmSUDk6S3QEaqOyEEN:HGKg4rsZd2NJidaVIZaqxEEN

  Score

  10^/10

  redlinemangodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2