Extracted

• • Target

    70410a36049adc192be688fc514db0e7aa64feb3de57e098bb9f5a8fe2a95b98.exe

  • Size

    4.6MB

  • MD5

    f88fd87086909a6f511e8aceeb108e4f

  • SHA1

    7701b09e073fb43ab1ab73479fb7e2effaae5582

  • SHA256

    70410a36049adc192be688fc514db0e7aa64feb3de57e098bb9f5a8fe2a95b98

  • SHA512

    6e2328e9e808cda8744402f52f824944e4945860f44a90233677739cd94271aa5218426db31bbe1ed1427b498c240f9a26c68b9aa526f2cda4e4d2ecf08fb8ab

  • SSDEEP

    98304:cLmmoWoISuwHdkGQ8QQmgNLh0UIyjce4Ebad6VoPomU:ayu9GQxHgN1XgeI6ZR

  Score

  10^/10

  redlinesectoprat@bearteam13discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2