General
-
Target
d4a4093dcc7dabb6e9d9b57aaa159ac9_JaffaCakes118
-
Size
1.1MB
-
Sample
240405-qfy4lada31
-
MD5
d4a4093dcc7dabb6e9d9b57aaa159ac9
-
SHA1
157f7306ff5b4ff9332570d631f7d5ce27df78cd
-
SHA256
dc050b963c642e86bf74da5e85fbfcb0b3c12bd692808bf8ae12a36f4bcf3c84
-
SHA512
1c18849340624cd1f5d2bd9207704cf6c7fb82d7d885da9f5af02f1af146b049242dfcfcf41bce94831e9d7c0eb13931f2046b28cf3a88a21f7abff456b9886d
-
SSDEEP
24576:FFofQDykb6wCihobn3IZCIPrU+k1MeKn1v2nuktSTm:Hykb3CT0ZbPRk1/K1eptE
Static task
static1
Behavioral task
behavioral1
Sample
d4a4093dcc7dabb6e9d9b57aaa159ac9_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
@pjuai123
185.209.22.181:34925
-
auth_value
5a0918bd3e8ede8e02c8dd9d106a996d
Targets
-
-
Target
d4a4093dcc7dabb6e9d9b57aaa159ac9_JaffaCakes118
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
SectopRAT payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-