Extracted

• • Target

    JaffaCakes118_ef128d816b35bb51b0e502d1cb85178e

  • Size

    4.6MB

  • MD5

    ef128d816b35bb51b0e502d1cb85178e

  • SHA1

    a7f9d96d5bfdbf86388bc8cad0a6c8758d45b515

  • SHA256

    dd8917276c3d7c626bafa2bb1c415c7199a6bdae1171dcdc75bde0be8f1b5dc9

  • SHA512

    38b08be64764387494fd15543256a27d9c56aa781e984ff50ac9f0de06c3ff56fc89a5f8250ce4942bd5a0aa25b7a22c058f2860dce87cf16d1ebf484d8b483f

  • SSDEEP

    98304:ULR330tEh9OGw8ToI66t8B8rwBBa0L2o7MwNzOxpL318t8Ew1dilM2YvHSUIH:UkEstB9ja0L2SMYqxt3wc2MJM

  Score

  10^/10

  redlinesectoprat@gwwwwrezt1discoveryinfostealerrattrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat

  • SectopRAT payload

  • Sectoprat family

    sectoprat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2