Extracted

• • Target

    JaffaCakes118_aaa7dc0b1e593006e0b8c5a536628906

  • Size

    4.7MB

  • MD5

    aaa7dc0b1e593006e0b8c5a536628906

  • SHA1

    e7a9bdcf098e01bfe4a0c732891a2d784783ac95

  • SHA256

    77beee95b061496a7f269e109ecd4a08d126b7c7447d560d843b245c3ef38db6

  • SHA512

    079f4b4e868ba0d837646d252995541796dff72ce1a56fd804278a9626c7baad17fe3b30c815efdd3ae55fd6db3250c082e4671cab0fb333bcbfb399ca3b5314

  • SSDEEP

    98304:SLq81CWjTuzUuU/JxTmMq2ebszd28BI7tI+xmV53pai:kCKThusr7q2egqPxmV7

  Score

  10^/10

  redlinesectoprat@aftostopomsdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2