Extracted

• • Target

    c70785ce228674a926e39ab3a9b27c996818d80b92f44d4df838b1d3df23ee9d

  • Size

    221KB

  • MD5

    a5b920f34ec75c3f9f006ff689224553

  • SHA1

    7efc4cffb1141cc62d51a2cd378ee6e34c7c20cf

  • SHA256

    c70785ce228674a926e39ab3a9b27c996818d80b92f44d4df838b1d3df23ee9d

  • SHA512

    7e810a13018ee08237130f58a0c4b2da7526c9d0c8574447d2a143ee6ddbb926c188548be7a066c527e6352819ad42894874f39a1062d29fa10e54a00a3daa75

  • SSDEEP

    3072:p2PLqOze7nDNgcYde+t9P/Kt/qbe9aKC9GYYOtLDv:p0Lm7DNgc8vtO/D9aKC9V5tL

  Score

  10^/10

  redlineclientfilediscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1