Extracted

• • Target

    file.exe

  • Size

    283KB

  • MD5

    8f3fcef426d76e2635646108b38ee839

  • SHA1

    ef2527a7e4733f68bb9902d246dbb5cc23c48fb9

  • SHA256

    6e1f1acde46206aeec80aff2847e28c13ba4a968cfc1f2f796039ee2abdd4427

  • SHA512

    2be77a84144334abfb5707333b5c4c78f32a1655d62233d1c830a6d7c0d7677d4a9d08d3a988559ac8911d356701f96b478cbc3c4b6934c53221973fa0e93e67

  • SSDEEP

    6144:QYu7wB6+xV1UPrroh6YAKWpZOnsvmwIqO:QP7w0+hWreapZOns0

  Score

  10^/10

  redline@germanydiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2