Extracted

• • Target

    1444-1367-0x0000000000ED0000-0x0000000001348000-memory.dmp

  • Size

    4.5MB

  • MD5

    9292403006b3e824fec1861ebc3518ab

  • SHA1

    be49ffca2933f2be00ddcac04c9de9fcfb55eb37

  • SHA256

    f981f7956f72475431e8896e7d7440762b5a821c283d792a06d7c6b91a42e75f

  • SHA512

    aaa7b6a7ba708bf7106bbdc57d2ee716fdeb949842f0e80b2f7106e00b75a1119ad14aeca7892e9a6c6b96725d920f59e8c6d87cc2f83db717634e3fd9fb936b

  • SSDEEP

    49152:URrBR6Yu++TaUfiwBEs2Xva26CUZJPqyhWzXRU6l3rIDUmGhgscIa:URNR6Yu+KfiJhXva2+FFIlcDUBa/I

  Score

  10^/10

  redlinesectopratcheatdiscoveryinfostealerratspywarestealertrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2