Extracted

• • Target

    Combo Checker.rar

  • Size

    11.4MB

  • MD5

    16d9fa76865b22d183ac56c9f15bdc30

  • SHA1

    77221373e5e5d04636af24759ea4246de6f274c3

  • SHA256

    a7c3db982b00258a4d56f836a62bd591237a740e89c4e48b3fd90bb2ceb9e3a9

  • SHA512

    60621938650aaabc9ad9ee48e98ac5c90cc485230437fbea33fc46e535a71a52cd181ed378d9749d41b8fde85ac30ca7aba54dd91a35bcfebc162dfdb9c5912b

  • SSDEEP

    196608:yt2a9Br2jNkIGXKv/dk7GUgx0y7Vfz+SmKm82+WUITgMNqoISLeX951Iji5URsB0:yt2sDIG6dk7Bw0y7Vfz+NKm8eUITgZm1

  Score

  10^/10

  redlinediamotrixdiscoveryinfostealerpersistencepyinstallerspywarestealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Adds Run key to start application

    persistence

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1