Extracted

• • Target

    JaffaCakes118_ce36f24b7ed2e0741d40a20feb63d72a

  • Size

    155KB

  • MD5

    ce36f24b7ed2e0741d40a20feb63d72a

  • SHA1

    b54deaa1aec753435374eb2912cb3d4990fb5356

  • SHA256

    4dbd1787587152a4a413147c100dd4ddaa8b30398e8f3f776278a9ca3d9e8986

  • SHA512

    f27630f6683a2f8360c0db838382809cafc55a29329e25904cc5f5fc8ae6620ba5d7f490f3b1a4d36d1be860e2d44caa2dcb67630edac3a9fb220ece37706254

  • SSDEEP

    3072:iLXxPuabKBDzqS1NZri5GT9Hqnq94JVN69y0WiMm:IX1uabKBDeSAAhHboN69J

  Score

  10^/10

  redlinesectopratdiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2