Extracted

• • Target

    f1ca6928d76373b3a9555ccec3a49332_JaffaCakes118

  • Size

    817KB

  • MD5

    f1ca6928d76373b3a9555ccec3a49332

  • SHA1

    8f001e51ee731dd5fbfad12e2f1b0993cb066af3

  • SHA256

    c59c670ff1cf8b16f3bc63836a1e7b08750d7005fd9e556b87ebdc9f87e25578

  • SHA512

    7a4876125615dcebba580effeefd268e6e4007ebd761a126a16738f5a592b6f0d9f5c7c5d84ab18e572f7487d97479d411ae9772ed08c8059937e04db2eb1477

  • SSDEEP

    12288:ipzlHK7zgZUo0avP5n+LfPVD8JkcPmI7kNgxIv7Vml97DZKKQDF7EFMuMnXj:8zokZT0aXELfWJbDstAl97FdQRgN8T

  Score

  10^/10

  redlinesectopratdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2