Extracted

• • Target

    b43d95a738a1a7df7245a3fcb11b3d37

  • Size

    202KB

  • MD5

    b43d95a738a1a7df7245a3fcb11b3d37

  • SHA1

    b000576e0a198e364af0e07eeb13f993e43643ea

  • SHA256

    94e830018fa0898f97b4fc3206d53889ec7a4c042960604ddacc504d8b30263a

  • SHA512

    04045eaf33bb19e347f890d8c3fee682c8c03575d585c5b52e05afd813c6d7fbb9f634f2b40187c85a09d6b433971d3848bd1fdd4671bfd7b32c4dcafd2b4951

  • SSDEEP

    3072:PyLT1pRNE9Sof7at5ytD153ZlwQNdMUXDOF3hFVIgrFukl7Csd:0hpRNOSQatKDPZ+maDVzxuklr

  Score

  10^/10

  redlinesectoprat@youlovedevilinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2