Extracted

• • Target

    2504-272-0x0000000001070000-0x00000000014E8000-memory.dmp

  • Size

    4.5MB

  • MD5

    f758407199cfabf2525b24900491d157

  • SHA1

    86c879b62bf5376a0261216c4cfdf41e4ee963ac

  • SHA256

    7c39c019d912024adadb624e49cc6db74f51cfd19e85c7499f5191d0a22f07ee

  • SHA512

    b67477f2576231b8fda5e8f12cdf50e1b2963348be57700ded55f1431ee46027b59d754537735c6d7724f9cd9f18cd6c629de22c059624a5e919784236b03082

  • SSDEEP

    49152:4RrBR6Yu++tFiittBKzaGvsK6sUZJPqyhWzXRU6l3rIDUmGhgscIa:4RNR6Yu+HitSOGvsKEFFIlcDUBa/I

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerratspywarestealertrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2