Extracted

• • Target

    Installer.exe

  • Size

    3.9MB

  • MD5

    73b379163a82ae03bc1455c122f50ded

  • SHA1

    6e4a1406dfa4726f7c6abb8d3923504d17439483

  • SHA256

    867422e9a491d017054295dcc017b77af632b8d65c15ef50cd287cf51aca118e

  • SHA512

    0ab8b3707152a67e9afb1087c67605254068eabdd84b715ca05fc2dd2d2acb1db24a99f558d3aa589e6ca6daa399c4ebc6236323f1157edb8765a14fc974fea6

  Score

  10^/10

  redlineytstealerinfostealerspywarestealerupx

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • YTStealer

    YTStealer is a malware designed to steal YouTube authentication cookies.

    stealerytstealer

  • YTStealer payload

  • Downloads MZ/PE file

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Loads dropped DLL

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2