General
-
Target
9a9ca150ba4d1df9aa2f7d27b3912c00_JaffaCakes118
-
Size
406KB
-
Sample
240402-3zsr5she2v
-
MD5
9a9ca150ba4d1df9aa2f7d27b3912c00
-
SHA1
97399b7a9b94f82a337febe5c8f973ce5cbfe831
-
SHA256
956940ac4572183493694ee65b806180a052bcfb086f47c4840cc2fb22168be9
-
SHA512
5bbe4b7b7ff6c993ace3cf6ad8a6e58e807e5245ad53c6b7cf880b53a32fef133b7b1639fb144084ca4d023909c721c88b4281de7ad138b2c239158f6ec3160e
-
SSDEEP
12288:5dr0rYLxYTw9/NNg40/tTYpVVBd71NH/0m7mmr:5dYrKeqvg40/SpBNH/0
Static task
static1
Behavioral task
behavioral1
Sample
9a9ca150ba4d1df9aa2f7d27b3912c00_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
-
auth_value
a272f3a2850ec3dccdaed97234b7c40e
Targets
-
-
Target
9a9ca150ba4d1df9aa2f7d27b3912c00_JaffaCakes118
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-