General

  • Target

    e2d90156ab03ca59299b499a70cd598d_JaffaCakes118

  • Size

    100KB

  • MD5

    e2d90156ab03ca59299b499a70cd598d

  • SHA1

    39987c1bdfad0133748a95eda4bb0f6448ca2ea1

  • SHA256

    171c0968fc8c8eba4e8a577723b50e7b23971905c4b056262e3b31103cb3a593

  • SHA512

    be6c765922c35620667333ad7b9a1fb1f1cc53b369cb405bd1e36b5db762591e9d04e6c595a682d79d94449b1b8afbd94ee60db2eae345be8f2010b3231011d7

  • SSDEEP

    1536:So6aGbaCsims9p51RS7e7qop9FF5auCw5e7gbue7vVuvNyAsdZketx5REnG6WAaE:SdxmCJp51sYF4Vge83Vulydd7NW9r

Malware Config

Extracted

Family

redline

Botnet

zalupa228

C2

45.140.147.31:22127

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e2d90156ab03ca59299b499a70cd598d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections