Extracted

• • Target

    f07f03f6f98d7614662b3eef3442f969_JaffaCakes118

  • Size

    427KB

  • MD5

    f07f03f6f98d7614662b3eef3442f969

  • SHA1

    c930cc72220b6347f9bd0a3b7d6604b1da1cc3a7

  • SHA256

    23be159fc9bf61045e52fc6424075595fc9f55ef06e06141fab43d8a4b202da6

  • SHA512

    6178a9e1a920b8292644eb212766383c78150092114eaa7715878104d9a364e4bea1aae94538c7e05c7ff46b9a805a23efe422725fc7f8885fc8dccf8213278d

  • SSDEEP

    6144:JReYcuJPlpLr94w6vTZ2oyfmi+/ZAOLofMOtQj9vmmVB5zgPMqKTf:JgYcuJPlpLx4Dp/ZlmtQjBjhNT

  Score

  10^/10

  redlinesectoprat@nineelevenwasjewsdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2