Extracted

• • Target

    2108b6d4b4a78e2a094fd01a0f666c92cf59feda

  • Size

    2.5MB

  • MD5

    6bb490266fde82840d4fc318d69101ba

  • SHA1

    2108b6d4b4a78e2a094fd01a0f666c92cf59feda

  • SHA256

    5141965861b8f6963059b5f02a895e53339db50be33901bd052c323bcd5dc16a

  • SHA512

    efb1737a04290f07102cc209fbefa3923c78be3ca7cb4eba57f3e91872b5ca506860b72e1f14cedaecca2cbed8e60ad4059b59b7fd91eedcccab705647182160

  • SSDEEP

    24576:FU8cmx/CVYPp4mKR4YDYdhFCsSMeJfU3dxtp4HIbTK5rbEJ+2JL7iFtMl3RuQ55A:+8/hCVYqmKFenCrbEJ+2JPoMl3U

  Score

  10^/10

  redlinesectoprat1652085892discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2