Extracted

• • Target

    MetaLauncher.exe

  • Size

    700.0MB

  • MD5

    ef0252c71127e6aecb0dce4026ec5b12

  • SHA1

    fa59f410e3e3fc3508b0be90e25f5276f4e935bd

  • SHA256

    2b74c16506089e7b924665f6b6995daec9304ee9faf8d32a149fe5eb4799cbcc

  • SHA512

    e37abc995ec518fb436b0441667151a81afc2885e0eedbd579c84a3dbf42cfe7fd6ed0d20e29636798dfd605d182931eb35214d7d384d9bfdba3010a5a73ed53

  • SSDEEP

    49152:2PVuj3MxjxmxDfsAe2/0OsueEu6FREcK1ZEFcF5jAvJhg2jn5HNisTiiSbKvTnVB:2PVuQxxmxW2sjueT1GwoJe4yFu

  Score

  10^/10

  redlineidiotdiscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2