General
Target: b0be1a6928316ef41ef9565e34043198_JaffaCakes118
Size: 405KB
Sample: 240404-fzm6bsgc23
MD5: b0be1a6928316ef41ef9565e34043198
SHA1: a3b6b3d4874388a3100360298bf91a0ff8df8115
SHA256: d12b53aa0b3111263adaf71e51eeab2ba64ca6c4525800af541767fd90346039
SHA512: a3f6558b74d887bad616495c9827666fc1c772c624012baf08e03767d8d9ed589bcc0b1ede20ee51fca77a0357b9218309d28fecb66e60dfb637f558c2dc6d52
SSDEEP: 12288:pl4/h+lXvk1Ua37fkVHYkldnS57CvaamH7XL:pl45+lK337iHA57CvOXL
Static task: static1
Behavioral task: behavioral1
Sample: b0be1a6928316ef41ef9565e34043198_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
auth_value: a272f3a2850ec3dccdaed97234b7c40e
Targets
Target
b0be1a6928316ef41ef9565e34043198_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload