Malware RedLine Malware Analysis

DB Version: 2023-09-13 18:04:54

RedLine Stealer is a malicious program designed to exfiltrate users’ confidential data from browsers, systems, and installed software. It is often delivered through email attachments or compromised websites. RedLine not only steals sensitive information but also poses a significant threat by introducing other malware into the victim's operating system. This two-pronged attack approach makes RedLine a potent and dangerous cyber threat.

Checked: 2023-09-13 15:10:13
File Size: 4561624 bytes

Removal

Gridinsoft has the capability to identify and eliminate without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.


DigiCert Trusted Root G4 | DigiCert, Inc. (US)
DigiCert Trusted Root G4 | DigiCert, Inc. (US)
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA | DigiCert, Inc. (US)
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Lamantine Software a.s. (CZ)
Verification: The expected hash does not match the digest in SpcInfo

File Version Information

CompanyName: Lamantine Software a.s.
FileDescription: Sticky Password UI Automation Manager
InternalName: UIA Manager
LegalCopyright: © 2001 - 2022 Lamantine Software. All rights reserved.
ProductName: Sticky Password
Translation: 0x0409 0x04e4

Portable Executable Info

Image Base: 0x00400000
Entry Point: 0x007b31cc
Compilation: 2022-04-21 10:13:39
Checksum: 0x00464a14 (Actual: 0x0046322d)
OS Version: 5.0
PEiD: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Sign: The expected hash does not match the digest in SpcInfo
Imports: winmm, oleacc, shlwapi, wininet, winspool, comctl32, shell32, user32, version, oleaut32, advapi32, netapi32, kernel32, XmlLite, ole32, gdi32
Exports: 3


Name     Virtual Address  Virtual Size  Raw Size    MD5                               Entropy
.text    0x00001000       0x003aaf48    0x003ab000  d900ca7d75e0174b5398df2531bbc677  6.52
.itext   0x003ac000       0x00007274    0x00007400  47ec42178c018acff44758128006aee4  5.83
.data    0x003b4000       0x00011bac    0x00011c00  df6b20436076db72ef56f7d72aadfff2  6.47
.bss     0x003c6000       0x0000978c    0x00000000  d41d8cd98f00b204e9800998ecf8427e  0.00
.idata   0x003d0000       0x00003eae    0x00004000  6cccf035985a60e5551cee6a09814400  5.22
.didata  0x003d4000       0x0000682a    0x00006a00  5a1f6251a1d643719855cc9866f2d685  4.95
.edata   0x003db000       0x0000009e    0x00000200  edb942bf3d3ebcb02c237a361248c902  1.95
.tls     0x003dc000       0x0000005c    0x00000000  d41d8cd98f00b204e9800998ecf8427e  0.00
.rdata   0x003dd000       0x0000005d    0x00000200  b4102882d5b469ddf10d4b0f22e69c67  6.63
.reloc   0x003de000       0x00053f84    0x00054000  399ef3686e89a700c5e34052ae0f620c  6.65
.rsrc    0x00432000       0x00032400    0x00032400  2aec096e2045fa67f5567edde1d6f770  6.77
