Extracted

• • Target

    e7216d8b7084c0c36d90aefaf30bb7b6d10ae2ecae700889d459ed5ab1b26a59.exe

  • Size

    313KB

  • MD5

    f733785f9d088490b784d4dc5584ebfb

  • SHA1

    6c073d4208fee7cc88a235a3759b586889b91adf

  • SHA256

    e7216d8b7084c0c36d90aefaf30bb7b6d10ae2ecae700889d459ed5ab1b26a59

  • SHA512

    43589b18333b0edcd6e300577f86de685058df5533bcbfdd3e30497aa76176008125fbd28deecaca5e6132c42cc5c0a583c34497f40dbe4ea577333eaebab899

  • SSDEEP

    3072:kA05OJdM+K9F3OFq70W09SIg8Ikn2YSxx1m6MRqfjDv/YUeqiOL2bBOE:sma9Y40r8IIDxx9MRqfjD4aL

  Score

  10^/10

  redline@oni912discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2