General

  • Target: e31463ec8d305ccc8e713b6f0ab9b026_JaffaCakes118
  • Size: 107KB
  • MD5: e31463ec8d305ccc8e713b6f0ab9b026
  • SHA1: 1062789bd419fe85c28a81cbe9718bdd00a5708d
  • SHA256: fc19bd4fe32e57b743d6a00aa3ec3b3107d639bf11a898eff57016ac0627b101
  • SHA512: c39b9c0488d6d652840d774a52f3bc01f677fb66ddbe9e577617888c516cd7c07a0a36da4baf616b8adb54db294e1388600181921fdd2814f12b0b7896aa8d22
  • SSDEEP: 1536:Ht9pmyZRN/OeYWdOaVezGV4FcnnTbGjbuqgdPnMuyq+dGVkdDjECG6qTaoigi:JZRN/7YaFezGV6cncYPnjyjdGQYPS

Malware Config

Extracted

  • Family: redline
  • Botnet: @nicknemer
  • C2: 185.230.143.48:14462

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e31463ec8d305ccc8e713b6f0ab9b026_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
