Extracted

• • Target

    https://mega.nz/file/uKgzWJ6Q#ay0oXKJ4rU6Eg8FH2YwB9U44U87ES6OzcCSt95_Qu0M

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2behavioral3