General
-
Target
bde8f5433e92df55f1a401ea841d2d80_JaffaCakes118
-
Size
308KB
-
Sample
240404-vmnzesdh37
-
MD5
bde8f5433e92df55f1a401ea841d2d80
-
SHA1
513337f85515cd71668cd0574c6b981efa9fcfb2
-
SHA256
f934020452d58f327c22060903f625f8b9b39429afad32dc05faf58f4e3f32f9
-
SHA512
083f9f09ffba3c9bc0b120764d42ef4f52a5c36761ec7f5ed38351a24ca0d0a31365c9441f73caeb764e153a2bcdd17a45bd6341a9f4c7a3d4a3d5843b665367
-
SSDEEP
6144:KQCJBkjIUOXqJfXAY+AZc/DI3bJM6I3sBhPVOAndgk8PVx98aC388hI:H2BaPOXqJfXt+AQI3by93sBhNOAcH8n/
Static task
static1
Behavioral task
behavioral1
Sample
bde8f5433e92df55f1a401ea841d2d80_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
usamoney
45.142.215.47:27643
-
auth_value
9491a1c5e11eb6097e68a4fa8627fda8
Targets
-
-
Target
bde8f5433e92df55f1a401ea841d2d80_JaffaCakes118
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-