Extracted

• • Target

    file

  • Size

    949KB

  • MD5

    50852c736bd257b42873d2fed301c2c6

  • SHA1

    4ade3409bdab741a140fbb3062323cf08dbbe727

  • SHA256

    0e34e71619203992822a17c00c51b0599073dbc458253f45dcafae2b9202e843

  • SHA512

    0e041b0e3b17bfd5241f2dcc73e4e034ac03cc2537636d938f3d2d33f83fd1848313aa8e3255cac3ab6a4eaeddc60e0134cfd27bfc06873978f5839fdf7841e8

  • SSDEEP

    12288:pIYZ7w8sB1wIIQp9lGT6RYGoc7wIPWGJ1R4vsG1t7fPPjIepcsH/JDz:pIYZUnBMmDGT6RWc7w3GfqEE788H/J

  Score

  10^/10

  redline5395192397_99discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2