Extracted

• • Target

    JaffaCakes118_50fd094675da74aa0e5b9a298bfa783d

  • Size

    1.1MB

  • MD5

    50fd094675da74aa0e5b9a298bfa783d

  • SHA1

    66e6cf05dc34a5c47a61ca376a17db34f0c7d784

  • SHA256

    00cd272476489e41fb7f6a4ccaa0b6e4b922c23033b2dc5bfdb79a13da43a850

  • SHA512

    f6412417aaaff269cd2dddd08cfc43ebc6281731d1995779706b396105bb08f449cc1ff8947323bcdcaa6c3e5611579fbd1eab65661adf6c2ddc5d0bb9b9daad

  • SSDEEP

    24576:Vgl9ZWtVJbYeE1qeVqtuFPb+8lFTRURAr1FuYDHhTi2pTHaYxLQQU:VgdW5b1AzQgPVvFUKSYLBppxLHU

  Score

  10^/10

  redlinesectoprat@xxluchxx1discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2