General
Target: 0f84d9db43a4289f8cc3e2f215df6bad_JaffaCakes118
Size: 308KB
Sample: 240328-zhbwhsga8w
MD5: 0f84d9db43a4289f8cc3e2f215df6bad
SHA1: 3264a33eaf1366a99922b7261b543970588bcaaa
SHA256: 563fdba167c80de6ec4e7495a7f040cd4f7998602898039bcdaa00a08ad3b49d
SHA512: 42ce242d9b7d93a5d4c7393cb69fa4875b690c3b5c14924cb989cfc0428fbc486e234ecb5fd7aa295b1b6774e024a0e13371334d1c20f7ed8afcd793c11d71d2
SSDEEP: 6144:KQCJBkjIUOXqJfXAY+AZc/DI3bJM6I3sBhPVOAndgk8PVx98aC388hI2:H2BaPOXqJfXt+AQI3by93sBhNOAcH8nR
Static task: static1
Behavioral task: behavioral1
Sample: 0f84d9db43a4289f8cc3e2f215df6bad_JaffaCakes118.exe
Resource: win7-20240319-en
Malware Config
Extracted
redline
usamoney
45.142.215.47:27643
-
auth_value
9491a1c5e11eb6097e68a4fa8627fda8
Targets
-
-
Target
0f84d9db43a4289f8cc3e2f215df6bad_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-