Extracted

• • Target

    b539acc51a48e2088f90ab0a82f60f38a784105712ef57542e8e1552a1c6aaad

  • Size

    1.0MB

  • MD5

    0a136df16d906821f105096987d43e11

  • SHA1

    5b4478cabb9e3d2673643235aa1980df5b2ea671

  • SHA256

    b539acc51a48e2088f90ab0a82f60f38a784105712ef57542e8e1552a1c6aaad

  • SHA512

    2f6b8014be9e4d2fc858fcf0b66690e3a6bc4dbd25ae7c52bd69c732dafa432b86ea6ffd45304d1fa9b58b8e6ee73ff6021a47b6158d0ea061f47c5590e812de

  • SSDEEP

    24576:AAHnh+eWsN3skA4RV1Hom2KXMmHa5R3MeYTslWVNB5:3h+ZkldoPK8Ya5R8eYSWVt

  Score

  10^/10

  redlinesectopratfrenchinfostealerratspywaretrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2