Extracted

• • Target

    1882b20a154c69e2e5ba570fc8dccddbd9ba9a521efc014625610662b1e8635d

  • Size

    305KB

  • MD5

    676582f861ba981c4ba2425e2bb88c1a

  • SHA1

    44b7d498dee7651540976b5ec0164463f6194c14

  • SHA256

    1882b20a154c69e2e5ba570fc8dccddbd9ba9a521efc014625610662b1e8635d

  • SHA512

    656eab137f0a06c1cd6fb4d54e77733a08266ef012fc75cb6a66f71d5e1bbe5e4c06252dae379513d85a1f0358c5f978714a06c8fa3887f19cfdbd670c321e44

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

  Score

  10^/10

  redlinespoodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2