General
-
Target
7130eed4e88feb4b15a2a131ef05e2f2_JaffaCakes118
-
Size
277KB
-
Sample
240401-nzhvlseb52
-
MD5
7130eed4e88feb4b15a2a131ef05e2f2
-
SHA1
7a8b7baafa8de955364f863351a360896f870c3c
-
SHA256
d0dda5dfd52eedeb0c31cc69428a488f7af8f66e6c3a736ff88c6ea1c8ebed35
-
SHA512
30c4f2d06e5d63c9529af2c646b262d29a214fc1bd570dbf7832e7527c58ef4a2a64cc3c25e1ecbdf42a290b4022a41637d5dba6ae6b4cf442e71db70c36fe2b
-
SSDEEP
6144:qZ6pJPOMWvlUl0iSyW2JMVp57Vx98aCktyE:bpJPJWSl0iMMMzH8
Static task
static1
Behavioral task
behavioral1
Sample
7130eed4e88feb4b15a2a131ef05e2f2_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
-
auth_value
41d3df6d093b1e36993abf16af0d6f2d
Targets
-
-
Target
7130eed4e88feb4b15a2a131ef05e2f2_JaffaCakes118
-
Size
277KB
-
MD5
7130eed4e88feb4b15a2a131ef05e2f2
-
SHA1
7a8b7baafa8de955364f863351a360896f870c3c
-
SHA256
d0dda5dfd52eedeb0c31cc69428a488f7af8f66e6c3a736ff88c6ea1c8ebed35
-
SHA512
30c4f2d06e5d63c9529af2c646b262d29a214fc1bd570dbf7832e7527c58ef4a2a64cc3c25e1ecbdf42a290b4022a41637d5dba6ae6b4cf442e71db70c36fe2b
-
SSDEEP
6144:qZ6pJPOMWvlUl0iSyW2JMVp57Vx98aCktyE:bpJPJWSl0iMMMzH8
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-