Extracted

• • Target

    6329380d049a1006574b29113c573e42a68cb017ed28e6d885a7ccd459a691b2.exe

  • Size

    276KB

  • MD5

    4b1e104bea647e2ffc5feeb562e3da55

  • SHA1

    2cadfcdd97ef6504275cc8774963a89bd2873d2d

  • SHA256

    6329380d049a1006574b29113c573e42a68cb017ed28e6d885a7ccd459a691b2

  • SHA512

    fcaeea642368ecd0b4e6b497f764fa9e95b2f2d57d2aa5aded7ec58aea5c178adfb308eaf976b7a6415d49f826c67bea3ea87d17b742eb564328fb350f36b3ec

  • SSDEEP

    6144:lbBmWEkyGSjwHvh23s4tvgLTI8NUKH1YVUF/5kEc:lbBmWERG8wHQ3sGvgLTIGrH2E/KEc

  Score

  10^/10

  redlinesectopratblazzeediscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2