General
Target: 85c2b4dc426a3020849e4e44d6d356f7_JaffaCakes118
Size: 390KB
Sample: 240402-hvh2xsba77
MD5: 85c2b4dc426a3020849e4e44d6d356f7
SHA1: fd02152e31c1650d695ce7b541fb5f6f621dc7ef
SHA256: 0392bf70244ded4e9d61bdb9197864881a4f5c85a8314b675388e54b8080c3fb
SHA512: 3debd56e029df875ee17459305d28665ebc8d41cd9cb59afbf7f4a8d1453219a802d573dd35c9d68ee7630250caf6235ee6272a93607cfd890cf3c22976e93d9
SSDEEP: 6144:SNsixpSUnmJLee1Mjlua+Eob/XNJN4cIQ5cOfmmGDOwqk3K9GLy:esDWmJL91MluGu/J4cIQ59GywqkZ
Static task: static1
Behavioral task: behavioral1
Sample: 85c2b4dc426a3020849e4e44d6d356f7_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
paladin
37.228.129.48:29795
auth_value: f27db372188045eefdf974196ead3dae
Targets
Target: 85c2b4dc426a3020849e4e44d6d356f7_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload