Extracted

• • Target

    JaffaCakes118_869c98fc53aa5f11e75ffa2744381995

  • Size

    1.1MB

  • MD5

    869c98fc53aa5f11e75ffa2744381995

  • SHA1

    16372b3dba63c8725158487c81d3c620d82585e4

  • SHA256

    3e6e9b73ff7fbe58dfc2b7bdf8c8af6cf1fcd80dfedd50e0f6bf9d6aa11a87ee

  • SHA512

    8320ece8ded0e2cb2b7936df77b03dd97d54f3849b44d46932d4141b51041e5c2cf2a03f02843db9c2e7e5f109e61431886fe275040e137b68a2dfb029313cc6

  • SSDEEP

    12288:4+wJ9GeeYwTVlCOCQWAKeAaf/+YQZ7QQ6m1N4LWgViFd1kXanGJAWCG2GBKf/OJv:9eZ7YymWgpkM4

  Score

  10^/10

  redlinesectoprat@a0867183086d949f0c153b3bbcf46510discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2