Extracted

• • Target

    95766a747e7920c6b82d9411ba71c20c.exe

  • Size

    1.2MB

  • MD5

    95766a747e7920c6b82d9411ba71c20c

  • SHA1

    e9b774afad9c66e7d3c87eaa85924e572ee5704c

  • SHA256

    468628cdcfdb07ec88a16758f4418400a01a7bf2cd191ca28f8b7a762779a2ec

  • SHA512

    f26a0255382f00065715502b1574aa16a85096798c119641b63348fb5edc88e8299c0ddefaae601bedef6914899cc1dd6f6a01152c25d108f574fc8861a2eed2

  Score

  10^/10

  redlinediscoveryinfostealerspywarestealermetastealer

  • Meta Stealer Stealer

    Meta Stealer steals passwords stored in browsers, written in C++.

    stealermetastealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine Payload

  • Downloads MZ/PE file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2