Extracted

• • Target

    GI_hackV2.2.exe

  • Size

    382KB

  • MD5

    033b87f17b845a88b342f558a959ae32

  • SHA1

    4fbad0d47191a0e219accc9daeabc38fad3435f3

  • SHA256

    1426f8433819b5f8a6b88a386e44f52abc4082fe45cea4666d840ac633c9f123

  • SHA512

    6b7378f7f31de0ffef6fc98c2a7d9fcf15aed34c6de5aa5b8119a8fb17dad3b92ed9973c794c29c69d5dcd76b024564ed8daa530a1ad281fa3bb29a83b3907ac

  Score

  10^/10

  redlinemexfrend2110discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine Payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2