Extracted

Extracted

Extracted

• • Target

    8896b158ac271c269cfea637cd9402db48676eeef02b9d694d5c9f0eaeb3dbb0exe.exe

  • Size

    5.1MB

  • MD5

    ea2b3d6abba472d4f37f31edcf64371c

  • SHA1

    d497f364487fd039f8167ba316e98c819d469088

  • SHA256

    8896b158ac271c269cfea637cd9402db48676eeef02b9d694d5c9f0eaeb3dbb0

  • SHA512

    628579fb71692ad284c79017e77a961449e26654dce4f6950225735c61f56cb66ced274e86e9116c84374882ffac2419b9d8f9c8e8cd48274c05e8bf34030ccf

  • SSDEEP

    98304:yuEE/LXN/acREegl8Xn+zrnP0xhJuDwhRzV0utBvn3F/92PHPSOSftvW:yuLN/ac0LsJucB0On3F/9gvS0

  Score

  10^/10

  nullmixerredlinesectopratvidar706pab777aspackv2dropperinfostealerratstealertrojan

  • NullMixer

    NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.

    droppernullmixer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar Stealer

    stealer

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2