Extracted

• • Target

    be67c3e96365bc394ccb229a414d3ba726ab7498ae73cea5f89d437d7a5d3662.exe

  • Size

    150KB

  • MD5

    5cd1e02cb68df11380841530977ea517

  • SHA1

    09c9bde608ae8fa12a8c205ed093c0bbdb1c8875

  • SHA256

    be67c3e96365bc394ccb229a414d3ba726ab7498ae73cea5f89d437d7a5d3662

  • SHA512

    23b7be40ae811161613f185c1fef96d46b0a8fe2bde0dea726f9f3603998745309c47777a733266291b70e6fc95ddf0f3352bbd08ae9d8d826ff01abb298a845

  • SSDEEP

    3072:k5RYLtJoWl7zPuRy11dafnxyOAxqT2VfOIwRBklg:UYAWpJTvxqSfODH

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2