General
Target: e45200d0fbf1f466a956725610124eac_JaffaCakes118
Size: 1.1MB
Sample: 240407-hm7ejsfd3z
MD5: e45200d0fbf1f466a956725610124eac
SHA1: e272e2d6c2bf6a9497fd48500b1c088bbc90b9c4
SHA256: d3cfc436366c9d127c7a6233f6531cf6e5863153b41ba4ab6f8fe87f473c8c9d
SHA512: e852bff6f5887ebb1addfab53daea1235d632683cd6497fc0310a31a08e8254810f642f81bb1ea0cfdc6dde6b231c6bebc7c072016189a00542646521a53b5c2
SSDEEP: 24576:vpeyqYiQGwbogMvsJY1eI0HUYIXpxAax1Rp5RdifBG8sh/Z44juzr:INwMg1J7xtoLAax/zRhRRSzr
Static task: static1
Behavioral task: behavioral1
Sample: e45200d0fbf1f466a956725610124eac_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted: redline
@ejorka
185.209.22.181:34925
auth_value: 5a0918bd3e8ede8e02c8dd9d106a996d
Targets
Target: e45200d0fbf1f466a956725610124eac_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
SectopRAT payload
Suspicious use of NtSetInformationThreadHideFromDebugger