Extracted

• • Target

    fb8e7a36384ca11de03bc1d2069b8c94_JaffaCakes118

  • Size

    591KB

  • MD5

    fb8e7a36384ca11de03bc1d2069b8c94

  • SHA1

    f786750b3a23a55ab5ec8f66ff2b55ccf95948cc

  • SHA256

    7c2cbe5164554e712ea378315877d206e69ad6baefa7426451dfc5d85fbc06fa

  • SHA512

    93489ef0f742a09d979f6e3a16590f5a1eb9516d2dfde5680b08238e15a9a7946d319d9b2a2041ffea386063e9b9909bbc5100af3906eca41c0e726b63397eba

  • SSDEEP

    12288:QF9sg5m4TZf6n0jRx2iN47nhtNBQla+tU/zU7UOcE8SASRADlx58y:Ypme+URx1onhtAlaLLU7UOcErvRABx5b

  Score

  10^/10

  redlinesectoprat@big_tastyyydiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2