Extracted

• • Target

    JaffaCakes118_a1c70aa369668b00b8392b82115fe72b

  • Size

    1009KB

  • MD5

    a1c70aa369668b00b8392b82115fe72b

  • SHA1

    cb910de4f365fe67bc37783687e9281f802e115f

  • SHA256

    d91d72f391d5c4a55f82b5910b1426afc19f3af28ec9603e60f287d4de768a86

  • SHA512

    44fb962082a79d585f6e499963fa65c1ac7c758ff0b489d50ad5655b9c5e24e05b305932ee072db6f4a34d84ab7d24087d5fe9df0ffb8b11ccc6ab90460745f6

  • SSDEEP

    24576:dvvrR6K/pKSbGK5pCwPJN9JBpXvrR6K/pKSbGK5pCwPJN9JB5ZX:dvDgKhGK5FNLBpTgKhGK5FNLBv

  Score

  10^/10

  redlinesectopratytuploader [greenbin-card]discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2