Extracted

• • Target

    db894f90bd4d25bb9e80f7a4fcd74b76_JaffaCakes118

  • Size

    378KB

  • MD5

    db894f90bd4d25bb9e80f7a4fcd74b76

  • SHA1

    2e2e97a2147cc8f6f9d5ca6eebede8729c174883

  • SHA256

    ec78fb6ac079e992615f56fc642b56a5ffe5e3c997ed6963fea4ff2d8d74d348

  • SHA512

    2e7e77040c349e6ae56d3ea9cd9a36a6af6f83ca8f40ad67451fcbce46ea08574bec8b3f2df320c367af6f7e34222c454b9fc771b13f7836924eeedd0427b8b7

  • SSDEEP

    6144:FGShUfR1Gd4QEaVY3MCRRvQQ/3caG+woEe8:3hsR1Gd4QE2Y3nRRvQQ/3caG+woEe8

  Score

  10^/10

  redlinesectopratversion 8.04discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2