Extracted

• • Target

    JaffaCakes118_c95251c67ad035a122c2c6e88821133e

  • Size

    423KB

  • MD5

    c95251c67ad035a122c2c6e88821133e

  • SHA1

    9ec0ab0431c9d350c10410af4da3608634e9c84e

  • SHA256

    8213d0307a1c3b96ed1e2b483140dab7110a5c7f8bec6b1a07fbed50c9ba321f

  • SHA512

    0d955e15ed9e301214036aee64460813239dceb5aed9efc305e56bfa94c96a483e23313669ab894454b462647a5ce37b08e8cdfeacccc269a859cd3f816c879d

  • SSDEEP

    6144:gvLhhlHE7+iEyvpbGC7d3qmPg5sLKmoeQ:ShhlHE7+iEyvpbGC7d3qmPg5sLKre

  Score

  10^/10

  redlinesectoprat@loggybuilderdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2