Extracted

• • Target

    EхесًDev2.31.zip

  • Size

    57.4MB

  • MD5

    d30a674d42ab5c1051a92588ce0361b4

  • SHA1

    1bca4a79c193a6be93f42bfd131264401040a0a7

  • SHA256

    0812f0573c1bc3ef9b6454a37e4c0ce921b669424d1a8f0c73ae68868bf24f45

  • SHA512

    b31c56f6b94473d0c26428b3be0aa4a543ed59e2a9a06e09c8e08513adfecb84fd678135e772b7e5039072d3fbfc4fb234853a692b566927424bd454f961955e

  • SSDEEP

    786432:JAw/VkDV/fEIE2hqqD1j/iLkiPC4HkZJ8mq9uuZ3GspauzYLIvGok3nALE5x+pR6:JAw/UVEIJhHBjik9FL8AKRpYSf4+fm

  Score

  10^/10

  redlinediscoveryinfostealerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1