Extracted

• • Target

    d60df4a3ea6bce524650ba94f6339e39_JaffaCakes118

  • Size

    1.3MB

  • MD5

    d60df4a3ea6bce524650ba94f6339e39

  • SHA1

    4805dc2d49d362028d48af9142f1abbe313e78c6

  • SHA256

    172b6209ca78d8006297f41fded71268689f8b9be88513673af4420c12176c75

  • SHA512

    8991e4b8b7b7602c8a8c2ea69bcb537d8d9c176ff79d151a7337334366dd9c637fc057f541298e92194f5a3a346423dfb7eca0a3e0b941b3bde59232ab5dce67

  • SSDEEP

    6144:BLlHHQKiZmkr2w1gwf4BuQLljN7geGR/6UkxChx4ZfAb7nC0WEG05iTemWT:BLlnQbx11f4ljGbFhkxChx4S95dmWT

  Score

  10^/10

  redlinesectopratboss8discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2