Extracted

• • Target

    3D63B777F65056B236BA51180CD37CE0.exe

  • Size

    557KB

  • MD5

    3d63b777f65056b236ba51180cd37ce0

  • SHA1

    94a4653797f942c4f2eb1ac36707d66e5cef401f

  • SHA256

    d2ddb7d466186ab167e6799198ef76d678ad0ac098a5deacb5a99383aa54b717

  • SHA512

    10b6f38a651593a7fbb2209907b4ce16bfccb07db858dd826f27d3a5b8270cf4b09b4a54233e2804d3fcd909f775b5e5c85c0b6923ec65afbf767e46a341a37e

  • SSDEEP

    12288:5JjHQC3RbeXNMR4xfLH4mU7D+MCyWQNIQTkduiY0D:5tQC35eXN/fLo+MrWQNxkQiBD

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerratspywaretrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2