Extracted

• • Target

    JaffaCakes118_750ffc41d2e66892b88d2a5379e14f77

  • Size

    4.6MB

  • MD5

    750ffc41d2e66892b88d2a5379e14f77

  • SHA1

    99f970bb5ff90da19a2aeee6da953c5dbf3f3818

  • SHA256

    8e8790f00253cbb3b31e0ffdeb55a9497e093e410b98db9e65ea2a3d9e9e6985

  • SHA512

    d4ce9d0a7f8da2bf284a37d8f81b2884e9df44294895fc715906043e987fce139b420c51391eb4648226011ad072a6d8e167f46447beef1dc25e7e1b6ab73686

  • SSDEEP

    98304:SLqJBJIs3j+CVzhK/3WpC72X1sdAJvs2tIE+VXvjPxlsdD+NCTECRKw:H3xRM/6CSlsKvvX+lv1lCD/8

  Score

  10^/10

  redlinesectoprat@sonyalooadiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2