General
-
Target
e2d959b36754b37727ef0c54b11ef3cf_JaffaCakes118
-
Size
606KB
-
Sample
240406-sxx9qsdc6w
-
MD5
e2d959b36754b37727ef0c54b11ef3cf
-
SHA1
fffc93eec7deeda7d17ab729f89d4c5e01d781cf
-
SHA256
b8e902d0a3a533b5a9f495f58c69692ae79917fbf9fa7829a9c52d4012e7a060
-
SHA512
9a1b180bdba8fa4d0e4c8e9e3417653278d531811ac4cfe89ad988690e006bbb531824d4c1b5c94b07b1f7f98fa47d6b8a5c64a1be2818084e60e25c2b45c807
-
SSDEEP
12288:Wk0ryoZx5eA1GoeW6kZ5mW/tpy1UV5bO/Zj+t:LqB13eW
Static task
static1
Behavioral task
behavioral1
Sample
e2d959b36754b37727ef0c54b11ef3cf_JaffaCakes118.exe
Resource
win7-20240319-en
Malware Config
Extracted
redline
NANani
87.251.71.14:89
Targets
-
-
Target
e2d959b36754b37727ef0c54b11ef3cf_JaffaCakes118
-
Size
606KB
-
MD5
e2d959b36754b37727ef0c54b11ef3cf
-
SHA1
fffc93eec7deeda7d17ab729f89d4c5e01d781cf
-
SHA256
b8e902d0a3a533b5a9f495f58c69692ae79917fbf9fa7829a9c52d4012e7a060
-
SHA512
9a1b180bdba8fa4d0e4c8e9e3417653278d531811ac4cfe89ad988690e006bbb531824d4c1b5c94b07b1f7f98fa47d6b8a5c64a1be2818084e60e25c2b45c807
-
SSDEEP
12288:Wk0ryoZx5eA1GoeW6kZ5mW/tpy1UV5bO/Zj+t:LqB13eW
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-