Extracted

• • Target

    JaffaCakes118_d689b232492a44023b23c35bbdfcc74692287b0f7cca5f256ed014ad97f56971

  • Size

    846.9MB

  • MD5

    91f5984711797e69aaad871121cc47c7

  • SHA1

    f23b1683ea93e169f86b77f1192ad8a541683db7

  • SHA256

    d689b232492a44023b23c35bbdfcc74692287b0f7cca5f256ed014ad97f56971

  • SHA512

    bc315f9b564b7a6568763f38033215efe1efc1a593e127ec79feb420218c9e220722e171beb7b96412bda3d10c5ffef871566a2ab515630009c47ea97c1e16e0

  • SSDEEP

    98304:aXFI1hlwPZrYhOGXPTB9o88iqn6BHdSCx0eJw1128fJWtGuAsoNE08JL:aXFI1hlwPZabB9ZOWdSww4thAs2EVJL

  Score

  10^/10

  redline@gglul34discoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • .NET Reactor proctector

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2