General
Target: e4244e9684651daa3d583f5e324029b9_JaffaCakes118
Size: 380KB
Sample: 240407-fxj1wsec49
MD5: e4244e9684651daa3d583f5e324029b9
SHA1: f978f7449fde3b4585309aec7ad1d7b2783addd4
SHA256: c806b2ab450d3412c4a6a3ccb57a54ce112072ae70367a4d86a23dd9128c6da6
SHA512: 0ce8a6dac0f6edcd0f38e6765ba434d6b43800acff35a1b2f4fd6b3bda356920a070d18d4e42fe09c6585378a7e31996af036aa0f6aaddacc691edf6c5ace513
SSDEEP: 6144:KWaqflbkV08tDlfxai52zwKOiLq6MhqHlqgbzlPBIAUEPIl6X6jYAV:Xk68hlfB2k7i26M4FFd5hUo6c4
Static task: static1
Behavioral task: behavioral1
Sample: e4244e9684651daa3d583f5e324029b9_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e4244e9684651daa3d583f5e324029b9_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
redline
Master Of Puppets
45.140.146.214:3287
Targets
-
-
Target
e4244e9684651daa3d583f5e324029b9_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext