Extracted

• • Target

    JaffaCakes118_7a563b19e0f30901e47430f2d1855356

  • Size

    4.7MB

  • MD5

    7a563b19e0f30901e47430f2d1855356

  • SHA1

    44b863df97055f5eb47a85c84f1d0efc0bfd7fb6

  • SHA256

    679ab6829396afa4e7637743385d2676fa3842bff6099e4a94a89e9017c63b72

  • SHA512

    2aacd860d502d5d7b5d186a7575b64bf8663bfca83a4f8e49c988b952d68fb10636f2a6d5c94fa80d63b940dea1415c3ec5bbb6f748b1f6b1f42ec1a4594b738

  • SSDEEP

    98304:YLoijyYrL08xAYL2OR3xKIkOCC7rmn81xI3yJXSFw2gTV+tTS9IC6B2:pnYn7AGRBsC7rH1xrXutuSJB

  Score

  10^/10

  redlinesectoprat@alexsandrovnaaaaaadiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2