Extracted

Extracted

• • Target

    27369d3a97607ab620e80ca5511953674205ba2f8a243956962f1602518741ae

  • Size

    1.4MB

  • MD5

    c13a0c6752aa2a1782d1e5d29015c8f4

  • SHA1

    1f7d8cc7aaabc3c32f9715d909a3d86c33009ee7

  • SHA256

    27369d3a97607ab620e80ca5511953674205ba2f8a243956962f1602518741ae

  • SHA512

    3a4b0dac23190c00f8d2c6decab18f016cf99657bceadb3d6770b75fc38e5a22bfe7aff749f88a80dc9e085a79915a5e0f5d9a3fc00ce174efd77ada985087f5

  • SSDEEP

    24576:vyH61LuWPvbKxl9GLbHwSofzu4K8YZPfoiSnpUuwthBjNrbTWzpdLkL9n:6aRvP2HCHaxP2PQiSvwTjhW1dLa9

  Score

  10^/10

  amadeyredlinerwaninfostealerpersistencetrojan

  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1