Extracted

• • Target

    6cf3be19b0ad012e085aa4a19e2b60ce8072c09edd53736ca36d886abddd5ff6.exe

  • Size

    675KB

  • MD5

    00a32a9ea8cf1dcb16567d39f347f1a3

  • SHA1

    8256dfe45b2b4385d523633d9287b354b29aa4e5

  • SHA256

    6cf3be19b0ad012e085aa4a19e2b60ce8072c09edd53736ca36d886abddd5ff6

  • SHA512

    c7da422d5a66efe1822793f84fd0f727c9962dc1d692a50bfa830e6f34464f9c458f5debcd0336beb105f1a2b126dd64ef272b498e252987f0936796cdf27123

  • SSDEEP

    12288:XoaovT2lPK7JaJM25F8PUCMQgbYAUQPHbAp2RyExqBT+Ta7mCxLE+QUQtsaZrMvw:G2BKIG25PbY9I18EuJ7

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Downloads MZ/PE file

  • Suspicious use of SetThreadContext

  behavioral1behavioral2