Extracted

Extracted

• • Target

    eb9721c8583479082cc5a34ee43b5c36a5d40d39ac87551eb0893e5baa4764a9

  • Size

    556KB

  • MD5

    41ca0cd12c4c622cef73226916331b9c

  • SHA1

    43a9228dab45f2086ab2376904533134b60ba010

  • SHA256

    eb9721c8583479082cc5a34ee43b5c36a5d40d39ac87551eb0893e5baa4764a9

  • SHA512

    6392ca41185f26806df96c876beb77d6a2e7d2fdeb5e32cbfcc41881ce0e6a4693bed3ef352d631b355ce81deadaf3c247fc08c4ca78de3572f77d6234d03b2a

  • SSDEEP

    12288:gMrsy90oXY+Wiinq1bK+a4FbiLgeyu0UgBYCTH+8Yoe2DCCYt:8yzWi71bK+XF2Lge0zb38CYt

  Score

  10^/10

  amadeyhealerredlinedodgedropperevasioninfostealerpersistencetrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1