Extracted

• • Target

    a736a2fc2817d545f9c749853363b843be91377f0c40a286a1f821200a83df89

  • Size

    584KB

  • MD5

    484b6dad484a477a283bb05fde2dd90f

  • SHA1

    54ebfee5e5e02baed349f63acfc51cb823ff09f0

  • SHA256

    a736a2fc2817d545f9c749853363b843be91377f0c40a286a1f821200a83df89

  • SHA512

    317232ecf1629a76389f11452fc4d6d425aa26a567d47dff359bfb963161f7ed3021545f37a49ffd714fdaeb1b2d516d5a39e8089342968a60230bd214b44892

  • SSDEEP

    12288:gMrVy90GsLxoxeWfIOVFxVkvP+C0NgiB2lQBx:FyLuxewcF+PBQ/

  Score

  10^/10

  redlinedizadiscoveryinfostealerpersistencespywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1