Extracted

• • Target

    JaffaCakes118_b4adcaea014ab4615e7fa686287448d1

  • Size

    4.6MB

  • MD5

    b4adcaea014ab4615e7fa686287448d1

  • SHA1

    ee85043f59f907e921a86d8cd05030b4c3552c02

  • SHA256

    0cca04411fb0efd4b26397941ce3ff01c7f021efd79983431234a3f27d34409c

  • SHA512

    f7f09593b0027728a875cfd87b1522f3d6671c2e6b8b2af7a666bece1af7e6bbd0b954fdfeaf8700c4f4c318a7aed2e5b5485a904d9b0ba4258a9f997d91ecc5

  • SSDEEP

    98304:mLm7d8Rpc65gc3IXPhIqvSk5X7ILDtx7UlCXUcPQjgXp9Yc0amrpB:+Rr5uhLxX74xFUcPIap95zmrp

  Score

  10^/10

  redlinesectoprat@detr0vdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2