Extracted

• • Target

    JaffaCakes118_1b4fcbd5822e1f442bbe0210243a7007

  • Size

    486KB

  • MD5

    1b4fcbd5822e1f442bbe0210243a7007

  • SHA1

    b10d1d6bc559d92b9d021db4c3c2c02477ae12e5

  • SHA256

    2140696357d2905f43e85e58ff1b71e51fc5d17991110f296c140c51b0bbbb64

  • SHA512

    3c7626b46b29c28897cab0190419d33150868e9f41c75f4558a84677d0155b47052538ab30b8dbfaf8c6de758aa9080c5b88ac247e02261a21986d9aa28216cb

  • SSDEEP

    12288:bDTpfY8VEZlmSmtrr4QLAQKVJvf+Mh0DxTAo5D7SdZJ8MXsDVa5nC:Tpg8VMlmbDLcVJvf+Q05Ao6L7Ug5nC

  Score

  10^/10

  redlinesectoprat@f0lserdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2