Extracted

• • Target

    file

  • Size

    370KB

  • MD5

    1d80e5634d29e6928932d75d1cf9ffd0

  • SHA1

    bff485f59dcd63bdc96f986f40163ad54e379ab3

  • SHA256

    43f44d1e80d8421ea6b06c309585a81034992d4fd2b4135c199ddbcbbf4e9495

  • SHA512

    b93523c96f65986b865e26225979d9120fb821c83a7220aaf08bf14ce1b0facb4966d326d18c6af747c8198015447c523e2f83e26c5bbb6561fbe3979f6c2d6c

  • SSDEEP

    6144:PqHNLVM/Dp1B+YOU732IMBjLDFv6Vd56fsT:StBM/DpfY7d96ofU

  Score

  10^/10

  redline@germanydiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2