Gridinsoft Logo

Real-Time Size Data-Sheet by Kupers.exe Stealer Redline Analysis

Stealer Redline
Updated on 2024-07-05 (2 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.181.174
DB Version: 2024-07-05 12:00:22

Spy.Win32.Redline.lu!heur

RedLine Stealer is a malicious program designed to exfiltrate users’ confidential data from browsers, systems, and installed software. It is often delivered through email attachments or compromised websites. RedLine not only steals sensitive information but also poses a significant threat by introducing other malware into the victim's operating system. This two-pronged attack approach makes RedLine a potent and dangerous cyber threat.

File Real-Time Size Data-Sheet by Kupers.exe
Checked 2024-07-05 09:09:30
MD5 65d27176e519feb23e5d43c8c3114b8a
SHA1 fe22fe60833f06d8e83aa18645418c0dbbc2228d
SHA256 d62fc9601bbf082cd097af67c9a6b74179a636c8dbf8ac04f614df2a6c0c9fe6
SHA512 b8a2ba797537bb817d8771cc296ecf28f27d0d7542c29e1e2c613d20d50ab2895dd4641134140829f62b8b43cd19a996202f993a92e02dd29b5f34ef5c14557a
Imphash 646167cce332c1c252cdcb1839e0cf48
File Size 2031616 bytes

Spy.Win32.Redline.lu!heur Removal

Spy.Win32.Redline.lu!heur Removal

Gridinsoft has the capability to identify and eliminate Spy.Win32.Redline.lu!heur without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

CompanyName Microsoft Corporation
FileDescription Win32 Cabinet Self-Extractor
FileVersion 11.00.19041.320 (WinBuild.160101.0800)
InternalName Wextract
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename WEXTRACT.EXE .MUI
ProductName Internet Explorer
ProductVersion 11.00.19041.320
Translation 0x0409 0x04b0
CompanyName
FileDescription
FileVersion 1.0.0.0
InternalName Wextract
LegalCopyright
OriginalFilename WEXTRACT.EXE .MUI
ProductName
ProductVersion 1.0.0.0
Translation 0x0419 0x04b0

Portable Executable Info

a344b9ea5594bf68e924f2bdb1df6c39
0e64aa80bad2c270c8062fcea82221cf
69cc9645b269cc92
Image Base: 0x00400000
Entry Point: 0x00406a00
Compilation: 2000-11-24 11:50:57
Checksum: 0x002078db (Actual: 0x001fb6d9)
OS Version: 10.0
PDB Path: wextract.pdb
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 5
Imports: ADVAPI32, KERNEL32, GDI32, USER32, msvcrt, COMCTL32, Cabinet, VERSION,
Exports: 0
Resources: 44

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x000062c4 0x00006400 d3b080bd7b514f812cbee16da52b0c4c 6.30
.data 0x00008000 0x00001a48 0x00000200 7b9890a93c0516bb070e1170cfde54d5 4.97
.idata 0x0000a000 0x00001052 0x00001200 3906fab55f211460c4a4a799648be3c7 5.02
.rsrc 0x0000c000 0x001e7840 0x001e7a00 aa205403d8355a5ca0a126fd7b78c2c0 7.99
.reloc 0x001f4000 0x00000888 0x00000a00 f081b23c3aa39325c504c02cdcd1422d 6.27

Leave a comment *

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.