Extracted

• • Target

    9af37a188002aff59974451b2cb12a439eaa3272abec2cbad07aff9a46c392ad

  • Size

    378KB

  • MD5

    3b0dbf69d29c782d8239573c71ebc9f4

  • SHA1

    eb7367231e13866620e1b2b82270fc230dd7e09d

  • SHA256

    9af37a188002aff59974451b2cb12a439eaa3272abec2cbad07aff9a46c392ad

  • SHA512

    9d17ccc20bdbf1ca382c218cc21163e7d7692c70bd6e40796a54ebe378b0cd6e75ad4f49c86bcf3be044328e37efaec50382da32a34794f3696b543607ab691a

  • SSDEEP

    6144:m2RX0Tl8YYzzs3uIAwzKAroy0j6OElLnNUt0Tfz:m2RX0T+YGUunwuMoyYqotCz

  Score

  10^/10

  redline@chicagodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1