Extracted

• • Target

    1ca8f444f95c2cd9817ce6ab789513e55629c0e0ac0d2b7b552d402517e7cfe9.exe

  • Size

    300KB

  • MD5

    2c470494b6dc68b2346e42542d80a0fd

  • SHA1

    87ce1483571bf04d67be4c8cb12fb7dfef4ba299

  • SHA256

    1ca8f444f95c2cd9817ce6ab789513e55629c0e0ac0d2b7b552d402517e7cfe9

  • SHA512

    c07332228810928b01aba94119e0f93339c08e55ad656d2eaff5c7647e42bbf5ab529232163fb1bbd14af3331a49d0fb537cfb5eb83565f674155e53d4ae41b5

  • SSDEEP

    3072:s29LP/YAQlW30GLsmAwNr12pGuhTMo1syKXFWnO3TRGfx01h7AykPMRqT6Dv/Yi5:x2dmA42gST981BcxKBA9PMRqT6D4wL

  Score

  10^/10

  redline2024discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2