Extracted

• • Target

    4698A45D6F8DA200C396E56AF7B8D34F.exe

  • Size

    95KB

  • MD5

    4698a45d6f8da200c396e56af7b8d34f

  • SHA1

    6df61371dbfd7d9245bb1e6bc63cb253bcb010a4

  • SHA256

    fd17ba1c5a4ebe7ad43606505471a2357cb9a6bbdf11bde9a9c18633bfedd65d

  • SHA512

    762dbdb08c7a97f959c5b7252988e8e2cc6230680eb456ef8e07d434b80b5a59df1074bd43a1f60ee473b0f13bc2c6c8c75ef783a9678c18a4b366a6b1413c7a

  • SSDEEP

    1536:5qsIbqDylbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed24tmulgS6p8l:XywiYj+zi0ZbYe1g0ujyzd88

  Score

  10^/10

  redlinesectopratnazzzediscoveryinfostealerratspywarestealertrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2