Extracted

• • Target

    e0888920ecf5282f98cc62836905ecdd.bin.exe

  • Size

    553KB

  • MD5

    e0888920ecf5282f98cc62836905ecdd

  • SHA1

    3e954e4030869d99ecbaf6503acafd1ef4a81dbf

  • SHA256

    f57536badf2858c34c301bc1fd7e237a1f700f3e48c6563cdf4ada287d1151f2

  • SHA512

    ab8fd95c90930875b3db507c75ec5d883b1b73966129df31dc300ebe2d6ee6b7fb540d7bd46e5dedcf88ab3affa5713ae408f57081dd54e6323ee06f99b9a7ea

  • SSDEEP

    12288:C2iNqgIbuMjFxhqrvhf1TP2TmQs2e9hpqW7dwY5DVjuAk1aGL:C1wgWvhQvhfdP3LqW7Tvju3aGL

  Score

  10^/10

  redline1379752987discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2