Extracted

• • Target

    e2290320b8bdfd5d09269a688985516b_JaffaCakes118

  • Size

    365KB

  • MD5

    e2290320b8bdfd5d09269a688985516b

  • SHA1

    20c1eec6c00ffdbf763bf5fbccd7c087e4e95259

  • SHA256

    11e9bd38be4e41981f5af667fbf5de877a10b90cec91aaafffa3d2bd53b5f1fe

  • SHA512

    c89e8ae64b706515c5c8ed185212849cb032de8cae39db65853a456e8aec381620a3c90474aa39d4b45111c3b1e5a6128773b08d93d811686d9a6dad237e844c

  • SSDEEP

    6144:RLeGcupdvlbm5uy/zGhS+f9pinxAORROuVJ5qxL4/WEe4dO1IzgOalof:RSGcupdvlbm5CpWphJ5qx85

  Score

  10^/10

  redlinesectoprat@power_zarrazadiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2