Extracted

• • Target

    JaffaCakes118_d34b56116adab21252af4851decaae6e

  • Size

    4.6MB

  • MD5

    d34b56116adab21252af4851decaae6e

  • SHA1

    2d90949be5f6cfeca1417ab469e220f186b779c9

  • SHA256

    139cd017d1b6b4a09802d25b500f6d315e5f9bb163ad0cb7e5ee37f66705740b

  • SHA512

    5f0663c81d0e3da7fc167f58abc3a7b764f39d682c49fccac9f338e9926ccac8fce8ccf3fab80bf1e4d89bfab9fe0dc7e6ee6d4d8644a65e88226d7587cd7c01

  • SSDEEP

    98304:cLmmoWoISuwHdkGQ8QQmgNLh0UIyjce4Ebad6VoPom:ayu9GQxHgN1XgeI6Z

  Score

  10^/10

  redlinesectoprat@bearteam13discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2