Extracted

• • Target

    file.exe

  • Size

    358KB

  • MD5

    381e4c7a1710e50685d70d5c8f64bf0f

  • SHA1

    3238069f1f6784fc4a2bab012639e2a8f137b2a6

  • SHA256

    407312c530750f0320b643a45763bba006d313cefa8df72f463ec836d3f9de08

  • SHA512

    2f9ff2926deaadde24c4fdcd2e0372df3d4769010c4f9b41ed584a5ffda73dc748873fb54fdcaa719037426c52dff4d4355f7b7389937db134ade90d27f20a44

  • SSDEEP

    6144:Av6/B0LPN7gIFcZucmc9irChTWRNk5VP1ySqYXlnpTIU:Av6/mxMIFc/mc9icqRq9ySDXln

  Score

  10^/10

  redlinenewediscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2