Extracted

• • Target

    file

  • Size

    291KB

  • MD5

    82dff01ab90a28a19048fe5cfbcbc895

  • SHA1

    9006253561020584da11344f702ebb9d4ee7127d

  • SHA256

    513cfd7c3b47cd8acb5b7f0e3365273a1cf6ee0a5f4635a35fb910e574d37d11

  • SHA512

    e894769ca833df1ae11f6cfc5f5b1d89e649be7512ff8f9bed69bf740802c80e6523b1a1e1cd94bf2409e3d9af374aeb41ce3c8e849c10ccec1afc56527e680b

  • SSDEEP

    6144:oIbH9up2Eidk1EO/D0YMOfn2rZ+FfidK1:Rb1dk1ZyK1

  Score

  10^/10

  redline@oleh_psdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2