家で妹と二人きりのお留守番.exe Stealer Redline - 扫描报告

Stealer Redline

Updated on 2023-11-14 (8 months ago)

在线病毒检测器	v.1.0.147.174
数据库版本:	2023-11-14 20:03:34

Spy.Win32.Redline.lu!heur

RedLine Stealer是一种恶意程序，旨在从浏览器、系统和已安装软件中窃取用户的机密数据。它通常通过电子邮件附件或被攻陷的网站传递。RedLine不仅窃取敏感信息，还通过引入其他恶意软件到受害者的操作系统中构成重大威胁。这种双重攻击方式使RedLine成为一个强大而危险的网络威胁。

File	家で妹と二人きりのお留守番.exe
已检查	2023-11-14 18:48:19
MD5	1ada783f1e8d67f9b7979f01c3b16f7b
SHA1	475bceb3732592cee3fa8a0ee140219dafe0f96f
SHA256	77b9c934296a0bdce084d3bc45999de88d2a3d3dc776a7713937636fb90a8f1a
SHA512	3f1352f57c0e635a4469c06e34cb7e6b0e25e2873dfa2ed49713e205b3b2ecee7e8ac75d28fa5792aa46f1408d420d7a17a16b5f371e655b2b7f1b0438153a0c
Imphash	bc70c4fa605f17c85050b7c7b6d42e44
File Size	7779840 bytes

Gridinsoft能够识别并消除Spy.Win32.Redline.lu!heur，无需进一步的用户干预。

CompanyName	Microsoft Corporation
FileDescription	Win32 Cabinet Self-Extractor
FileVersion	11.00.9600.16428 (winblue_gdr.131013-1700)
InternalName	Wextract
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	WEXTRACT.EXE .MUI
ProductName	Internet Explorer
ProductVersion	11.00.9600.16428
Translation	0x0409 0x04b0
CompanyName
FileDescription
FileVersion	1.0.0.0
InternalName	Wextract
LegalCopyright
OriginalFilename	WEXTRACT.EXE .MUI
ProductName	家で妹と二人きりのお留守番
ProductVersion	1.0.0.0
Translation	0x0412 0x04b0

	9cc64fea808224ca18416f7e35314a8b 88faef13792dc29a2dbdf27efa9d56c5 a56569792d835d7d
Image Base:	0x00400000
Entry Point:	0x004067cc
Compilation:	2013-10-14 05:50:27
Checksum:	0x0078213b (Actual: 0x0076c034)
OS Version:	6.3
PDB Path:	wextract.pdb
PEiD:	PE32 executable (GUI) Intel 80386, for MS Windows
Sign:	The PE file does not contain a certificate table.
Sections:	5
Imports:	ADVAPI32, KERNEL32, GDI32, USER32, msvcrt, COMCTL32, Cabinet, VERSION,
Exports:	0
Resources:	48