Extracted

• • Target

    5e0c5ad71f90e98a0d2778a371a55e28.exe

  • Size

    506KB

  • MD5

    5e0c5ad71f90e98a0d2778a371a55e28

  • SHA1

    050c043a033c61a98f6de039a8a274dd688cb1f8

  • SHA256

    3c285e783df8fe492b0ee90a41f58706f4913a3da6649a75331fcf08126078d7

  • SHA512

    49ec775455350e4bced4bad800755912acf9fbd56017e244958c591a47b4746342814193b1765d8ed51fd89bf048355503cc80c9ccceefd4d009e84158b7b0f7

  • SSDEEP

    6144:jzFBcUgZicw+kNCKEoCV6Xd1OLllUj9rUNssRoLKuzfNpgPMZ3Vix3+u4t8bN:jlSicwWKpTBjWNDRLuoPgu4ubN

  Score

  10^/10

  redlinesampdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2