Extracted

• • Target

    a2703a938720483ba3ab69d8c271bb409266e2683fbd0124ac5b22704b49726f.exe

  • Size

    375KB

  • MD5

    704c2154afe1ea4a2247733a980e1695

  • SHA1

    4d31285a7f7a17109a74c6a590cd438e1e5080e7

  • SHA256

    a2703a938720483ba3ab69d8c271bb409266e2683fbd0124ac5b22704b49726f

  • SHA512

    d852a2129dbd71344d6696e6e102dea57b52023e31fb3e94c003a654534c4925b553c79d9bbd40f5343c017847f0af7502e4ceb2546faf0ad684c255e553aa79

  • SSDEEP

    6144:3bvbEgZ5oaZp5BO/jrhrCxq7yz8fQZgIWSsCz7eL:3TblZ59ZzBO/xrCRHU

  Score

  10^/10

  redline@chicagodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2