Extracted

• • Target

    JaffaCakes118_4dff0db3f13246fbe26b0668626c12a7

  • Size

    4.6MB

  • MD5

    4dff0db3f13246fbe26b0668626c12a7

  • SHA1

    502c3ea16b8939727171fc9220bb2a6ed7524f28

  • SHA256

    a2e952e672429d1d821d78168127f208e6d5821153b5be9dc600f5b82bbfad67

  • SHA512

    a9b21fc8df5619d016c9e3b6f0c939ea83038c4c48479d511eaeba1f72c525382940c1c5ee626741304957a0534a13266eefdafec5b2fac4e08ad8a47fafdde0

  • SSDEEP

    98304:qLqYEVoWELiJxbZggrwxIa7ctGN9DEHrSaVaG:XrKGxbqOi7L9I

  Score

  10^/10

  redlinesectoprat@tothemdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2