Extracted

• • Target

    b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30.exe

  • Size

    297KB

  • MD5

    5d860e52bfa60fec84b6a46661b45246

  • SHA1

    1259e9f868d0d80ac09aadb9387662347cd4bd68

  • SHA256

    b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30

  • SHA512

    04ea5757d01508a44e0152b3aa78f530908da649d59b8ce7ee3e15c2d4d0314c97f346c1e79b1810edb27165d04781c022937d02536dc9b1dd4c55f023a47701

  • SSDEEP

    3072:WqFFrqwIOGdTypEmz07sFPaF16CVyeR+LhdwT5TZMfvgZcZqf7D34NeqiOLCbBOy:tBIOG6hPPLd05TZaYcZqf7DI3L

  Score

  10^/10

  redlineamadiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2