Extracted

• • Target

    ebb610b6e365c99950fa00648ae5b04c13d12c64a57b1ac2b23d7b5d220a0d61

  • Size

    306KB

  • MD5

    d3141cc5fea1d639ee2e2a3183fe5624

  • SHA1

    198d895227fdaf487cda7caa5b4ff134c46b7c34

  • SHA256

    ebb610b6e365c99950fa00648ae5b04c13d12c64a57b1ac2b23d7b5d220a0d61

  • SHA512

    e216703165aac18b960b70540aaac0f3e9f7faf91cfe724a208dc3b331c35e049ff03737b0561f768003a9cf3477b70d8c7f59685fb5ec173c4ac1b134412f0f

  • SSDEEP

    6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

  Score

  10^/10

  redlinespooinfostealerspywarestealerdiscovery

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2