Extracted

• • Target

    a7c95fa8e4dd4b0656cbc36e93de0312_JaffaCakes118

  • Size

    1.2MB

  • MD5

    a7c95fa8e4dd4b0656cbc36e93de0312

  • SHA1

    bfc520e84a2441f0ce09823f4181d27cabe46fa2

  • SHA256

    aa18b81ed85ea352506ca5c51db807f51011cb81df764d855f61b033d48fea14

  • SHA512

    f85ef82e4bfab947204f46763424dd82f4bcb6659f1e2d8c8a246da0af395e3c5334dca99d433abc30fb1f70f76371cea367be268de91bbe0bdbf5750b53da82

  • SSDEEP

    24576:H/OBazwaC3KTuiCOwDCARk6VTfZVt80+S6BJwjUduAtgrsBcO:RC664wD5TfZVt8M6mWtf

  Score

  10^/10

  redlinesectopratfear factorydiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2