Extracted

• • Target

    e32c3dace485cbeb0f9fa3fb0e105766297f5bd4d76a718e8ba9e7db1170bb07

  • Size

    306KB

  • MD5

    41c584675f03e4a1fd33c13a671d95fe

  • SHA1

    a2e09e1438abfb996e8623c739fb82e80ea94aa3

  • SHA256

    e32c3dace485cbeb0f9fa3fb0e105766297f5bd4d76a718e8ba9e7db1170bb07

  • SHA512

    5b816a6220cdee2acc621f61bb0e362b5e32fb273eade5d75fb9a0416ddde2a3b0f22026dd8b927f1c044353bf715a6138c6052be9b82a286fcb986dc473b256

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

  Score

  10^/10

  redlinespoodiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2