Extracted

• • Target

    JaffaCakes118_d2a6c1de8c0c3d3c3196b61af3e31358

  • Size

    486KB

  • MD5

    d2a6c1de8c0c3d3c3196b61af3e31358

  • SHA1

    c92a68c79d550af2d0dfe4fbf92bb06e34dd60db

  • SHA256

    6205a84deeaf5dfc8dc0ef4d580782476782b18ba65ac0cfa0bfb1a74cba8d0a

  • SHA512

    3d000821abd4cc9b2cac674b81606b42545c4581991c02bb741be271f14eaf24391b1b7f7b132fd311ff42c1751fb354b83d29c1b4a93128b4e2785ac45815ed

  • SSDEEP

    12288:lXGmEHrlYwbfKdyVVQOq/PENHWmQNso5D7HPTgorhwLb:4mUlJDKW5zWmQNsoh7prc

  Score

  10^/10

  redlinesectoprat@asautamandiscoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2