General
Target: 44cfc2ec67dcd3d164a842a7da87e09a_JaffaCakes118
Size: 360KB
Sample: 240330-1fq34afa81
MD5: 44cfc2ec67dcd3d164a842a7da87e09a
SHA1: 1362eedd0932f43354f2da158ce9093978c860e3
SHA256: 1119505e0ff221849c2219e3c2f1596e1902d0ed1d3005146008b71a1aa13ef7
SHA512: f0c01eb1083ea5bf2908804d7dfe56d6fb05b62382f471a18f9633c798ec6bf0ff4761e91d856dffd4ede8c29ccfa6e0a9e90e2e0ff3d3a5958d71f4efe3cf9a
SSDEEP: 6144:30DPgKoov3vwkWyHjZzYdxWbdb0uQZ5HzmUVx98aCYcW5S6:kLgKrig6IK1H8ocW5S6
Static task: static1
Behavioral task: behavioral1
Sample: 44cfc2ec67dcd3d164a842a7da87e09a_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
auth_value: 41d3df6d093b1e36993abf16af0d6f2d
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload