General
Target: 41f245263875cce2130088a673e3ee43_JaffaCakes118
Size: 366KB
Sample: 240330-xf12hscg88
MD5: 41f245263875cce2130088a673e3ee43
SHA1: ad839c42c3c1c60d6a525d8a0381a97e74b18eb6
SHA256: b5fd0bd00a0445f344c1af2008c216e755f4355d36c5563a9a0fdd74faf2c9c0
SHA512: f0bcfc18e6d7316b758efa4287f8b4514eb8a87a3875c7edd8231afbcef5758e0a5beb7917f3688d7d8e0966e210642df6845eaee1961da26ddde881847c7b98
SSDEEP: 6144:y44OAKt4U0/7K9eT3zFdP1820OdbiNq38c/FXgG8QEYIX3l42l4:vEW9A3zO2ViE38c/FX8QEYIn224
Static task
static1
Behavioral task
behavioral1
Sample
41f245263875cce2130088a673e3ee43_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
usamoney
45.142.215.47:27643
-
auth_value
9491a1c5e11eb6097e68a4fa8627fda8
Targets
Target
41f245263875cce2130088a673e3ee43_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload