Extracted

• • Target

    73cd7f8cca43940c0f4f0234b7e32c6f17c2d2c3af810f5ea936a8cfbaa95c2a

  • Size

    2.6MB

  • MD5

    683d11458e44a8f700b04c3694710d7c

  • SHA1

    6eb33d062195d74648ea122daced528c2a05d7e0

  • SHA256

    73cd7f8cca43940c0f4f0234b7e32c6f17c2d2c3af810f5ea936a8cfbaa95c2a

  • SHA512

    fc0f08fb9b4816d2a993c2e0729add84f965c045009a6e261d43bd6e3a8b9bcbaf6e0bf5f6a84bc84356bc7a0c290a3b0934bdcb167428d4a874924ef925b851

  • SSDEEP

    49152:Iws0JBto87d2cl1UzJ2UjZUN354zNstjl3R:Iws0JBto87d2cl1EJ2FIzNst/

  Score

  10^/10

  redlinesectoprat875784825discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2