Extracted

• • Target

    JaffaCakes118_5bbc600df335a363e24494dfd64b5f2d

  • Size

    529KB

  • MD5

    5bbc600df335a363e24494dfd64b5f2d

  • SHA1

    93d583059771748ec975328f6c1257951f6626fc

  • SHA256

    71eafede1f40a5c6a164523d3e6b3c06d60f4d061bdfd7aaa10ab0d47061ac14

  • SHA512

    d083ef66c32ab34826188b1c7c9e789975f11a0cf373fb76e0c3847f2b6032f2b6b8e17f7cd40d354a0d700e3a2337f3f58f3a24dff0a80a70c394fa8e69003b

  • SSDEEP

    3072:9YD4T+ptTn3Wb/l1uj+DHHFnFt11ikVBCd6kWiZff8xVwLXSUS4YX+8rMNPsS6f:9YD4itTn3K/ryWHv10ckVExSLLS4/NED

  Score

  10^/10

  redlinesectopratdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2