Extracted

• • Target

    47e86cc0cafdce94d5c05a5c9c5c388e_JaffaCakes118

  • Size

    1.1MB

  • MD5

    47e86cc0cafdce94d5c05a5c9c5c388e

  • SHA1

    de4fcbdcc06a0d748a82666bfc1ec4e4a08e5be6

  • SHA256

    1d7d718be5b978fedd1124fa44831ba54af5bda0507f6eee05a0a8c8d9badda1

  • SHA512

    e8d4012ee736c1d256e03bd1756ebd5a0349c0b77903bf71ad80cf40ee3c586e32b1e1278bd54b6b58b58152a9382a4726b8242b98ac4665ba1d0ebecb50e47e

  • SSDEEP

    12288:8ICX3Vd0CWpzEYOXU4B4C3pmYeP3TpuJ9/RFYt/UU9XBtqsfa5emgqdRjZVEgaZr:8IG/Vz87

  Score

  10^/10

  redlinesectoprat25discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2