Extracted

• • Target

    d3ac977c3116f7fa46440c49442530e1

  • Size

    2.5MB

  • MD5

    d3ac977c3116f7fa46440c49442530e1

  • SHA1

    0476c3a527c6fcbd399dedaa4333cbff9980c36b

  • SHA256

    71bb05f9456d694a82791671217934c63f5cf3a40d0141fe03e2428396a1f2bb

  • SHA512

    2c4561770d85b1d78bfc56cf79906f515b8b35c29fb98300298a5b47510f3c5666c5177eb9c29d616fcf80538216ce33c296dd1fc9716c1ea433a62a2e4705fb

  • SSDEEP

    24576:l8DI1TLpJMyOb8YJYBhJ2XvMYc66hd0/P5ErlbCUuwZUNl/W2iK/8HHLpMu79dh8:l8DiXpJ7ON0bCUjZUNpW2p/8HHWsHl3C

  Score

  10^/10

  redlinesectoprat875784825discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2