Extracted

• • Target

    a040d59da6528f88ded3b130199a23f33f01e9b049b89c0cceaabc5c6984bb26.exe

  • Size

    577KB

  • MD5

    4153363158f713a02e405d251823c0c3

  • SHA1

    35168f14fa36d3f8d15614cb25a78415015691d1

  • SHA256

    a040d59da6528f88ded3b130199a23f33f01e9b049b89c0cceaabc5c6984bb26

  • SHA512

    c0bfbb1f13aa7e494369684d74f76deff4390d4910bcabe7bee75caef0eed8a813ef6ea73442cfdb86b6cc0b6a29222d5fcd67a6ed6742eb6eee92c58c83255f

  • SSDEEP

    12288:Om0+u3F55OHTDPJg6i6XGoVnpVn9SIRlwXkMWqsHG6xSd6Ys+tA2Zc:O5FXOPhi6hVn3c0wXkB6IS03+R

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2