Extracted

• • Target

    4dcb640873597f71cf9f0f6c3fbda8fee9cbbccbec182fc71131f8752d49f89b

  • Size

    1.0MB

  • MD5

    e6e32a5c1b621f034a269936e3a44c1e

  • SHA1

    ca923c8b646a5b0b7a99d82e2c8e23c1379870c7

  • SHA256

    4dcb640873597f71cf9f0f6c3fbda8fee9cbbccbec182fc71131f8752d49f89b

  • SHA512

    225ebd4d9d1c4c21ef10b4556bc77660e902942ef8b5a71a796d4961b5e03746af6bfd5e7f6e46bc744ac1e2843c1999bfd6572719546e97dd8c57913fad52e0

  • SSDEEP

    24576:tqDEvCTbMWu7rQYlBQcBiT6rprG8aAbdjgk:tTvC/MTQYxsWR7aAbdjg

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerratspywaretrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2