Extracted

• • Target

    b5c99c14697b259fed0f284e26d20898_JaffaCakes118

  • Size

    112KB

  • MD5

    b5c99c14697b259fed0f284e26d20898

  • SHA1

    70a793f89c57d2abe642cc1719228a3c805cf5f5

  • SHA256

    178846797dead3d2a0ac160059efc8d6a5fed9fd84054a893aec0c7e9950ae4d

  • SHA512

    16b1e69aee1175e08abbdf29566742fd889805d86920feb952bfdd4460179da964f3852b191f2e868b5efbd2fd93b05a326e7b408f5a597dad2ac4fcca641962

  • SSDEEP

    1536:ovtItfcSE/RJmaqoPZDBQ335+gFy/RUfurAGs0cx+zRgipV5vJfK8j:8A3aXPZD+nAg8peARgipvJfK8j

  Score

  10^/10

  redlinesectoprat@pxwerfulldeaddiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2