Extracted

• • Target

    064e05a3eef74d7f1c2294b595dd27c5dba36150ecd586a3581267b7c4214972

  • Size

    305KB

  • MD5

    9daab0ffd6ccb22acc46ec9b725ce504

  • SHA1

    a2b6cb61e2423066ce327bdab552cfab9b10a89c

  • SHA256

    064e05a3eef74d7f1c2294b595dd27c5dba36150ecd586a3581267b7c4214972

  • SHA512

    2240c11234f93c993e2d2e205f794799f969c69bae6d004f744c909387589fc1615de4cfe7d475721e7073e070dbaf6860dae9c207b7159d93c8c7a28667d671

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

  Score

  10^/10

  redlinespoodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2