Extracted

• • Target

    6a8188798b02df0b2bed3c1a151a6f19_JaffaCakes118

  • Size

    251KB

  • MD5

    6a8188798b02df0b2bed3c1a151a6f19

  • SHA1

    3cdbc6f551f51770fd63cd151b22caef67fd0211

  • SHA256

    446fb177479da4df1076e60fba74465970be24f92211ee6a5bd69b6675e07ce3

  • SHA512

    09f86334db46477c03329db8f05d26b9c8ace77c2026828adb1382e31d5cb7e4f6d26cb426283827ea1d9318f61b5538efec0224be117291c1ac0ac98909ad71

  • SSDEEP

    3072:hpXAmWbs3iPlL726Z7KfRXl3EmkU/xCHBam+N8G950phyTMwWLOQ6aiWU35SRB6:YbjBFYdv/xCh00phAvWLN6NWU0

  Score

  10^/10

  redlinesectoprat@megavanek315discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2