Extracted

• • Target

    Sigmanly_a94af8234c234fb5e65dedcfb33823abfbbefd0f451bbbddd96b6fc455e4cfa1

  • Size

    95KB

  • MD5

    24b1454141362b9675b17e9d779c5c93

  • SHA1

    485b0ecf657a25dc28913e29bcfb91f47055af81

  • SHA256

    a94af8234c234fb5e65dedcfb33823abfbbefd0f451bbbddd96b6fc455e4cfa1

  • SHA512

    bc63bd7fa3b2183982a34411a14770235fb1eb7659a303fe508a8fe20b7642d9050f7f6323db229d16756d70e2d12dd9cd1fcfdfa6e76ff954766f14e43ef756

  • SSDEEP

    1536:5qskOqJGlbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed2xteulgS6p8l:XPuOYj+zi0ZbYe1g0ujyzdV8

  Score

  10^/10

  redlinesectoprat@pr0xybrodiscoveryinfostealerratspywarestealertrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2