Extracted

• • Target

    72b765579f21b2411f0d32b53fed6404_JaffaCakes118

  • Size

    804KB

  • MD5

    72b765579f21b2411f0d32b53fed6404

  • SHA1

    e0a24a795e502e16b2fedc178a22a9c41e6edbe1

  • SHA256

    5633314db4cd680796bc5071bd9a8d0ded1c43e4d4178c431fe5882646816b89

  • SHA512

    3fec8fca0e2e168db544b7979b12ebcb1fe3a9aa4abdfd2864c757a5c44ee484a41ee76713e6b25ca3b106d2ca1b187d9c62fc99a5ed1222e752628cff264452

  • SSDEEP

    12288:fD7/HK7zFspQf6KsarTy6z62XNHTndlOUB/oofw5pEVi6pjSiyyjK:ixspqsCTyf2dHTnbvhoo4d4jd8

  Score

  10^/10

  redlinesectopratdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Suspicious use of SetThreadContext

  behavioral1behavioral2