Extracted

• • Target

    bounty-97392239633069468

  • Size

    304KB

  • MD5

    15a7cae61788e4718d3c33abb7be6436

  • SHA1

    62dac3a5d50c93c51f2ab4a5ebf78837dc7d3a9f

  • SHA256

    bed71147aa297d95d2e2c67352fc06f7f631af3b7871ea148638ae66fc41e200

  • SHA512

    5b3e3028523e95452be169bdfb966cd03ea5dbe34b7b98cf7482ca91b8317a0f4de224751d5a530ec23e72cbd6cc8e414d2d3726fefee9c30feab69dc348fa45

  • SSDEEP

    3072:qq6EgY6iQrUjytA4dwP8Zk1tx/Efz+TAGtASRkFcZqf7D341eqiOLibBOh:pqY6iAwP6k1vQz+TAiAtFcZqf7DIfL

  Score

  10^/10

  redline@logscloudyt_botdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2