Extracted

• • Target

    c413de559a9756551573e98967809991570c67c9f9d0194cd20af56439e076fd

  • Size

    580KB

  • MD5

    9f15d3910d488be973f61bf92d1d2ffd

  • SHA1

    543b7785b47d038829ea2132b4dd93b4b3cafafa

  • SHA256

    c413de559a9756551573e98967809991570c67c9f9d0194cd20af56439e076fd

  • SHA512

    ec3e566bd62f5da7d3fd7ec890af144364ba1f1bf7e75e9095fca1095d9005dadccf0793a358d5359b62b06a47b159f4a78fcff989e41fbbf7b6af78b1990162

  • SSDEEP

    12288:OMrQy90L4gMv9EgH1u6x8s1G8AxRnCLJ2gQ2A+JtHCBB:yyqMv9EK86xP0lILQ2laBB

  Score

  10^/10

  redlinedizadiscoveryinfostealerpersistencespywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1