Online Virus Checker | v.1.0.150.174 |
DB Version: | 2023-12-02 00:01:20 |
RedLine Stealer is a malicious program designed to exfiltrate users’ confidential data from browsers, systems, and installed software. It is often delivered through email attachments or compromised websites. RedLine not only steals sensitive information but also poses a significant threat by introducing other malware into the victim's operating system. This two-pronged attack approach makes RedLine a potent and dangerous cyber threat.
File | final-dash-season-4-0-0-exe.exe |
Checked | 2023-12-01 22:53:53 |
MD5 | 81b67c605469c549699cc7406a8a2720 |
SHA1 | cd8a709bb3352b24623af859f1e41671c18f0369 |
SHA256 | 639af5e4ea63c4c1e36234003d7f2db285636fae90c70094b69f4d314b381bba |
SHA512 | 1e26600bdccd6103c3e89062e7be8ca9f857e47fac7683c6cff4b40529e2c558a275d835c2da1f4d192679925e230e514ca89b8f6d7cdaee41350fdac9911dcb |
Imphash | 646167cce332c1c252cdcb1839e0cf48 |
File Size | 62733312 bytes |
Gridinsoft has the capability to identify and eliminate Spy.Win32.Redline.lu!heur without requiring further user intervention.
CompanyName | Microsoft Corporation |
FileDescription | Win32 Cabinet Self-Extractor |
FileVersion | 11.00.22621.1 (WinBuild.160101.0800) |
InternalName | Wextract |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | WEXTRACT.EXE .MUI |
ProductName | Internet Explorer |
ProductVersion | 11.00.22621.1 |
Translation | 0x0409 0x04b0 |
CompanyName | Boot-Dark Games |
FileDescription | |
FileVersion | 4.0.0.0 |
InternalName | Wextract |
LegalCopyright | |
OriginalFilename | WEXTRACT.EXE .MUI |
ProductName | Final Dash |
ProductVersion | 4.0.0.0 |
Translation | 0x080a 0x04b0 |
CompanyName | Microsoft Corporation |
FileDescription | Archivo autoextractor de archivos CAB de Win32 |
FileVersion | 11.00.22621.2134 (WinBuild.160101.0800) |
InternalName | Wextract |
LegalCopyright | © Microsoft Corporation. Todos los derechos reservados. |
OriginalFilename | WEXTRACT.EXE .MUI |
ProductName | Internet Explorer |
ProductVersion | 11.00.22621.2134 |
Translation | 0x0c0a 0x04b0 |
e993bd3c307425eb93fada6b56827e42 93a586a6d0f50896d4be29fa8c1c80bc 6c75716573783973 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x00406d50 |
Compilation: | 2059-08-08 23:27:35 |
Checksum: | 0x03be651d (Actual: 0x03bd8ce2) |
OS Version: | 10.0 |
PDB Path: | wextract.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 5 |
Imports: | ADVAPI32, KERNEL32, GDI32, USER32, msvcrt, COMCTL32, Cabinet, VERSION, |
Exports: | 0 |
Resources: | 57 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x0000669c | 0x00006800 | 8efccde25b9e492cde40b5ef253cf7a7 | 6.27 |
.data | 0x00008000 | 0x00001aa0 | 0x00000200 | 7b9890a93c0516bb070e1170cfde54d5 | 4.97 |
.idata | 0x0000a000 | 0x00001056 | 0x00001200 | 8fa33e292b5a9d9dcf9cf67d5c955b3d | 5.04 |
.rsrc | 0x0000c000 | 0x03bcb10c | 0x03bcb200 | 6d94563e3f7c1f4dae7bed05d99a0ad9 | 8.00 |
.reloc | 0x03bd8000 | 0x00000888 | 0x00000a00 | 0e9fae0fc18f3412188d18fc97b6fc55 | 6.27 |