Extracted

• • Target

    JaffaCakes118_3f59803d76d13e68ce3a1820f827bbd3

  • Size

    358KB

  • MD5

    3f59803d76d13e68ce3a1820f827bbd3

  • SHA1

    c6f2c35f5afc951e24cf71fdd36b193136ee7021

  • SHA256

    ee82db8edcbbfb6963920e2192b8e3ac4228602a23603419c3e3946321f15794

  • SHA512

    06d97ff3fde2ea823674999c28088365185fae9449cc26e39fc6456242f04653b44a8a2ddafb3a7fd27e09cac96f950ecfb4804721a40de7bb2a1c46c8f09aae

  • SSDEEP

    6144:PUSw3fbq4a6LKXpzdKgneetfFqJTTiabAOPSLXQuQmh8lwsAbFDo5PoQN9sz:P5w3fbq4a6Lap7CTRgg9mh8lwsMDdQw

  Score

  10^/10

  redlinesectoprat@toxictylediscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2