General
- Target: e40e3f4f84ed037dd5578171a9afff42_JaffaCakes118
- Size: 1.3MB
- Sample: 240407-e3h54sde34
- MD5: e40e3f4f84ed037dd5578171a9afff42
- SHA1: c84bf92d9e4a4380494c364e15e7dca973ad03c7
- SHA256: 9847f500cddca4d0452b93dcf27f7dbd80f25a10fbf4b71b5ed366a21ac2dceb
- SHA512: d826f9485161d7224e8883877655fc5618592237569360f64ceb9d9e583e229cf5398a5ca7b20f8d154d646d31bebfcdb391eab90429b153c8fb025548034f3e
- SSDEEP: 6144:PLvCkrDR6/kxMMms/0gwqPSm58pF95fHKq:PLvxrDR6AMMms/0gwYSm58pF95fHKq
Static task: static1
Behavioral task: behavioral1
Sample: e40e3f4f84ed037dd5578171a9afff42_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted: redline
- @d1m0ndz
- ierinapu.xyz:80
Targets
- Target: e40e3f4f84ed037dd5578171a9afff42_JaffaCakes118
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext