Extracted

• • Target

    77adf907f7192ceec66f302ec640e0db_JaffaCakes118

  • Size

    505KB

  • MD5

    77adf907f7192ceec66f302ec640e0db

  • SHA1

    a0ee083358c6c65b98e754fdcd28a3304e532f82

  • SHA256

    7e169994390db93ad142afa1780bd4ae84c4fa5c8a2b41b4d36a470dab080b40

  • SHA512

    8ca65f82ba49838a7755ff33552383deefe7574be67d89f2a05209655afda787f9f6b598798808d101ccabf78055bb1c6eed43aebc07bbc7ada6e81b5157bcae

  • SSDEEP

    12288:l7PbMfT0mA9ZbOkyIqJitZ6r1LvtQjwVZT3skdVeM5RM:lLNXJqKZaOjwVZT3skdh

  Score

  10^/10

  redlinesectoprat@adoxyyydiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2