Extracted

• • Target

    頂通-秘密教學.exe

  • Size

    365KB

  • MD5

    bf39e7a86c8a03b0426cecdf168b7e0b

  • SHA1

    eed580837a13c657eb1604705c95942b80f2a482

  • SHA256

    857072690ec85093decb9c837a6150ba11a596213d48f81bd2014fe811d95295

  • SHA512

    8fc3673453b1f4da92dcbff6f0917d3b04b4e88ff65cc3be96bd982084bdd1ccfd400e64e62c0b26586230119b809b3a1acc6db6d6b5ca1c84f4bc48f3fa7d09

  • SSDEEP

    6144:tXv9NvGCLQCkyhX80cWeBhh/qNKisTsIlUcvTUHdpJMVV2o:tXv9NvfECkyhd8Z/qNCIsT2dXK

  Score

  10^/10

  redline20221001discoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2