General
Target: e4c21ad080ca997ba48e0168c9ae1820_JaffaCakes118
Size: 1012KB
Sample: 240407-m171fsbb4y
MD5: e4c21ad080ca997ba48e0168c9ae1820
SHA1: a772ab38c6283334bbba7e44b555a55978d45f08
SHA256: 243b2ee5d04e4a98b6fcdaf1ffdcc78ced750900d36de10b563f0a8cfabb4027
SHA512: 2b9a31a49539e74ac260b7dcec6d127db68e5388875f973776161548ce0686275075466ad22eaeefeb013c275dad539b15b9007dc84eced0a2036ee34bc37f31
SSDEEP: 24576:hp5vqtjh9PFbOSEzEkcwyXQ/ZPQtleIOOwJ:r5v+l9dbJY9yG1QIOs
Static task: static1
Behavioral task: behavioral1
Sample: e4c21ad080ca997ba48e0168c9ae1820_JaffaCakes118.exe
Resource: win7-20240221-en

Malware Config
Extracted (redline): 45.67.231.194:29525
Targets
Target: e4c21ad080ca997ba48e0168c9ae1820_JaffaCakes118 (size and hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext