Extracted

• • Target

    4da64a00d7ff89c04d675f50c32ee458_JaffaCakes118

  • Size

    715KB

  • MD5

    4da64a00d7ff89c04d675f50c32ee458

  • SHA1

    505f39f4039bf5cba0009ea7b7d856f57d31a592

  • SHA256

    610c668380bad93964320bea5957b4c08861e277abc78230a770ad45194905b3

  • SHA512

    d38b6c1aea8763bdfc4e5cbaab8d65a74cf3bdf4d4230efc7005416a58f83742df46b213b91a83967aeb6d9dfccaa038adbf6001569e520b26373fa8f00ab9f4

  • SSDEEP

    12288:n7PbMfT0mA9ZbOkyIqJitZ6r1LwtQjQQiE3sodVGlAP/f490Dp0oVSpbjeni:nLNXJqKZa5jQQiE3soduAP/f49Y0wGI

  Score

  10^/10

  redlinesectopratnew1discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2