Extracted

• • Target

    cdbe15a8c1176fd337db098b8ceb187b_JaffaCakes118

  • Size

    133KB

  • MD5

    cdbe15a8c1176fd337db098b8ceb187b

  • SHA1

    dbea5796417919da139a23ecf901c7408b45b5f5

  • SHA256

    1d1dc9ca8273fd350ede4f8d783ce160ec7672e0e6354497162f811683a4a298

  • SHA512

    16ff57887803ad4098b87d0315df0aeb9bf56017b98d5d4f5de7a18849d581f45123a1c448079a95104805ec58d6f16931e4ae3e66813b2462f41ba90954e6f8

  • SSDEEP

    1536:1YULhMGlEtFSwRxApOhm2QPTUuE6CMueRbjvZsBXiu4T1biozTy+xFkdbe/uU/uJ:+ULhMGlO08ApOhmcibdGEVFk2BfMp

  Score

  10^/10

  discoveryredlinesectoprat@romanbzk001infostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2