Extracted

• • Target

    c0b40f0f6b4e1a0a596aba7362ed54def5dce5798a99a4b9f5fb192197111b12

  • Size

    306KB

  • MD5

    eb7709fd8b5efe9562e566a1fd2e5a1e

  • SHA1

    4a0a335cac84539848abdedf4f0ade2ed56ff671

  • SHA256

    c0b40f0f6b4e1a0a596aba7362ed54def5dce5798a99a4b9f5fb192197111b12

  • SHA512

    f630ddc5f3235fc28a3c76a9fc0527271fa5c8683010af2917c20c8eb553bd59809c2c56d236d87aa2cbf40c267363f2722a5a770c4b271085e2c45c9cc95ed7

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

  Score

  10^/10

  redlinespoodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2