Extracted

• • Target

    qu9158.exe

  • Size

    379KB

  • MD5

    23c005bf6be262973e85b907f5933589

  • SHA1

    3074e75a7dd20983887699504aee438050f2d988

  • SHA256

    b1c19714909ee44027c6b4b71d475eef2c4518851ecdc149fa85f219a43f5cb3

  • SHA512

    7516526d2dc56ad6a1bc9255fd63c9ba910042e8c110ca53a684b39d74e204b84784b64640e397e9e51eacddbe1c986114124aa943d2862cd52be2d046bc7f59

  • SSDEEP

    6144:Tbvgogp56pv5kHidlxQTx4F97PPoFIkenFZG1nr:TTghpYpvOCVLLsZqFgr

  Score

  10^/10

  redlinesonydiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2