General
-
Target
af9f05286bebb3b86e0a5b946ffcb63a_JaffaCakes118
-
Size
385KB
-
Sample
240404-e2fzcsfa79
-
MD5
af9f05286bebb3b86e0a5b946ffcb63a
-
SHA1
73d8ababf4f6e644ee54361ce77c4e911e0d5d96
-
SHA256
59dbcf4e177a240ec2e4f62b32afa83c9f3c682d954d2d2ad2487814971d271e
-
SHA512
96c2adbcb72775aa3a4c25e9b379d5d41bce021a56e80c1f62f3ad19942c7047f27da6b4eff151fbe6d7988260f3be9861d6af7675869d03da86fdd8722945b1
-
SSDEEP
6144:gGOGPmLDXj3up0T0Sb5v9t5nbTb5nR2xJa53EHnSnC:G4wDX7up0T5b5F3nbTp8xJM36IC
Static task
static1
Behavioral task
behavioral1
Sample
af9f05286bebb3b86e0a5b946ffcb63a_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
-
auth_value
41d3df6d093b1e36993abf16af0d6f2d
Targets
-
-
Target
af9f05286bebb3b86e0a5b946ffcb63a_JaffaCakes118
-
Size
385KB
-
MD5
af9f05286bebb3b86e0a5b946ffcb63a
-
SHA1
73d8ababf4f6e644ee54361ce77c4e911e0d5d96
-
SHA256
59dbcf4e177a240ec2e4f62b32afa83c9f3c682d954d2d2ad2487814971d271e
-
SHA512
96c2adbcb72775aa3a4c25e9b379d5d41bce021a56e80c1f62f3ad19942c7047f27da6b4eff151fbe6d7988260f3be9861d6af7675869d03da86fdd8722945b1
-
SSDEEP
6144:gGOGPmLDXj3up0T0Sb5v9t5nbTb5nR2xJa53EHnSnC:G4wDX7up0T5b5F3nbTp8xJM36IC
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-