Extracted

• • Target

    d256ead4f0823f31d9a251c1924aba7ccdbd3f8a54bd35afd4196b8e5c519078N.exe

  • Size

    577KB

  • MD5

    31eef67de2b33801baf1e46bc37fc690

  • SHA1

    1eee78a75ee7aee3c85616e81ae6c80cd0630019

  • SHA256

    d256ead4f0823f31d9a251c1924aba7ccdbd3f8a54bd35afd4196b8e5c519078

  • SHA512

    44e01a3d05c8b11e3be0a27d0d339b78955c2aab745e12795508a2665bc9cb33c31d7e99b05721d95197b5e9c81489df51b2f1cb008c11a9085bc461720b365b

  • SSDEEP

    12288:Ixxgm9khVuCPpfNncA1cpmh/X3wbtIb10sJ9R:IHMvH9W2c0vst810E9R

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2