General
-
Target
d7fe40517145ca8e94facf91cb174707_JaffaCakes118
-
Size
2.1MB
-
Sample
240405-s9ye9sge96
-
MD5
d7fe40517145ca8e94facf91cb174707
-
SHA1
1859bfb048986f52b7adf97b3c44af66f021cd38
-
SHA256
c61c72e5a75b5e9753fb52e3c7c925c408abfdcc4e626211e5faddbc8aeb6130
-
SHA512
b94ad2704bfb1ed4a130c2441ed0dbf210ae79f26a82c62224c79f27f98b4c2b623b082c9dda898a53cf0cca32909523df5f546895733ac558e9b9114200f35b
-
SSDEEP
12288:2ZZGC0x5UfwsbIr9Fn5SgcQ2HNv7VyUrx/gK4Z4+TWsLfAyWotrUCm9FVNp7lkTe:WYNp5Fn5rZq4TffrO
Static task
static1
Behavioral task
behavioral1
Sample
d7fe40517145ca8e94facf91cb174707_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d7fe40517145ca8e94facf91cb174707_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
redline
141.94.188.138:46419
-
auth_value
3f48b95855158031ae9e7dafcb203009
Targets
-
-
Target
d7fe40517145ca8e94facf91cb174707_JaffaCakes118
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-