Extracted

• • Target

    8ef92577590803fac7d0c5b918e25f37b74b87bcf353806c6b2ed81ae4a584c0

  • Size

    1.2MB

  • MD5

    7561d69fdc62a8a8647f7c33d4413ee4

  • SHA1

    e28b5cbfc7f41e998fab1b1d33b419cfd7f85d64

  • SHA256

    8ef92577590803fac7d0c5b918e25f37b74b87bcf353806c6b2ed81ae4a584c0

  • SHA512

    93b4606197a9e76ae73f1eebbc38c0dede308d29f7d8b4228f86546ea59223fe395718fe52059af1299dfa353d9dfb0f456489d8d6c502d70be98b062149f7df

  • SSDEEP

    24576:I1DT7B3uSHk1C5P9ILvWJ3oTJwP85+2HEPR/ekRn1RY5:I1/7BxwC99a03v8+2HEp/1n12

  Score

  10^/10

  redlinesectopratinvasionvaloranthackv3.1discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2