Extracted

• • Target

    a32d74feaebde8f218d02d99347983aa9b9be0ec85a4f.exe

  • Size

    896KB

  • MD5

    e01eed093c11df9172d1a70484e8f973

  • SHA1

    6a9b4f44a5d2cdab4770811543963e66f09d97ec

  • SHA256

    a32d74feaebde8f218d02d99347983aa9b9be0ec85a4f409c5f210fbd3f861bb

  • SHA512

    6a6a327210f5d35a307c1b9b66bf6e5b65b7cb2303e9126a5457a1be1ac708281cca0a4aea6d4b55e503e930a24213218271e261f80f5df4162be351317c8022

  • SSDEEP

    12288:C4a2aC3D3Lfzn7PjXNWjCT3eOPRRlWXYtvp0OjGP91pCmOBgu50x3ecZ:HsjCT6u0tP/OBgu50x3ecZ

  Score

  10^/10

  redlinematywon2discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2