General
- Target: 50b223696961a46e3f435c226b12f899_JaffaCakes118
- Size: 1.1MB
- Sample: 240331-jdhv9sgf52
- MD5: 50b223696961a46e3f435c226b12f899
- SHA1: f7e909e182969bdb44c3ed8c2c091967c54c7957
- SHA256: 658c50b49af49975e3a4bc1fa44337bb72dcf86b49dee68b2fa6e6dd353309b5
- SHA512: b19377b68de8d62f5bc85bc523e22b98665a163a3553ba1acafdf068957a123877118698628034c0062c1370ea012c2bbf30175f06ada2e3d5181ad6233d8c36
- SSDEEP: 24576:2oimILHE5B5qhuefzVHQYZVPL5n1Svs2vr+uFm3rJKDR:2bLMB4ZrlZ/TZGvyAmbJK

Static task
- static1

Behavioral task
- behavioral1
- Sample: 50b223696961a46e3f435c226b12f899_JaffaCakes118.exe
- Resource: win7-20240215-en

Malware Config
Extracted
- redline
- sapphire
- 185.230.143.237:2548
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger