Extracted

• • Target

    0aca7207b62d5c602107a6a50661dc09.exe

  • Size

    348KB

  • MD5

    0aca7207b62d5c602107a6a50661dc09

  • SHA1

    437b742b8e4cb72f6c4d2453c6cd63e2a4c2315b

  • SHA256

    b62a82b6e80e1aeac41958829ca5b03217be8cb4b574a8c47c5c3617fd3306b6

  • SHA512

    a7f333a09690f532bc1882080d593c15accd4673778c57f874f720f2e980b173831f0058d3a922f6dcd848f7ea1a971bacb03062eaf80271850631ded3a3d5d3

  • SSDEEP

    6144:ukbsln1btxLYAXVMRqT6D4wLMyCmQlQ4Ok2:q1bjFMsW8wYyXQC4t2

  Score

  10^/10

  redlinebaideninfostealerdiscoveryspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2