Extracted

• • Target

    e8535e99dbbc603b50e78d4dccfa19e5_JaffaCakes118

  • Size

    463KB

  • MD5

    e8535e99dbbc603b50e78d4dccfa19e5

  • SHA1

    4d5798c654eda145593e71f31d86a74d58bb5839

  • SHA256

    0b411b839b5081d14a70086b43c30ee61ce2329450b2d220260190db8ce942c5

  • SHA512

    2a4ae0797bb9bf638186835ad7fbf30cafff9ef65f5b7979dd668d395acc8965d1521cab46e73a53b63167c067ba4b12f7c5c34c08aa7b27bca165231309adb2

  • SSDEEP

    6144:XkKRDBCmSyEI+HDWUxJ+gGBamt/Srfgw8lVGsc2VCh7tsowfIm/n4HamL:0jWcJEBamt/SrfRIVdF4RtvwfB4HaQ

  Score

  10^/10

  redlinesectopratunknowndiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2