Extracted

• • Target

    29e7b2f96072f8e62948359199d5465ddfacc450705394ea6d29b7c77648026d

  • Size

    278KB

  • MD5

    e1e1853dec523ca69419c639ca12bc1f

  • SHA1

    1e6586cabece300856232e50b0d00114feb53ed0

  • SHA256

    29e7b2f96072f8e62948359199d5465ddfacc450705394ea6d29b7c77648026d

  • SHA512

    6c0f2d6a0cfe207bce306fe55abe8b47479f856a3db55f1fc5a13c2eff7ee1144ec1ee71c073e587bdae24b77847d1ad08072632c9ff4c052643b35799023461

  • SSDEEP

    6144:T/DBkuri/tJaHurBwKa6O56wxWtdRSGY1x3tA28Jgx18b:T/1kwMAawKUZwe3+qq

  Score

  10^/10

  redlinesectopratmtnnnndiscoveryexecutioninfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Drops startup file

  • Suspicious use of SetThreadContext

  behavioral1behavioral2