Extracted

• • Target

    503fb1498e1c257cf61ade325e9a3a60.exe

  • Size

    491KB

  • MD5

    503fb1498e1c257cf61ade325e9a3a60

  • SHA1

    786094aece0a643b4924b02ef98b82c8585394f1

  • SHA256

    32c1e1a834294cc3b4ce9c790c8faf4bd218412859b55b21129ffe991064eeae

  • SHA512

    4b8eb12a82275ae1e084a76aea4293bc502ec71bfef100bf0391e836b520701374430415aac6a5b6b9bf89e815b989f87c0505721d2cbd153b040239c2d246e1

  Score

  10^/10

  redlineausdiscoveryinfostealerspywarestealermetastealer

  • Meta Stealer Stealer

    Meta Stealer steals passwords stored in browsers, written in C++.

    stealermetastealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine Payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2