General
-
Target
eaf6a05f6ce78a1949b575f82ca05ce3_JaffaCakes118
-
Size
687KB
-
Sample
240410-nl7xksea44
-
MD5
eaf6a05f6ce78a1949b575f82ca05ce3
-
SHA1
ce584065f4271141a8ec7abeafb840d5e800d3fb
-
SHA256
b5121edf7245d0c520f567b362cade0d4779fb8fb86fc29acd43bcc1acecb941
-
SHA512
fa6d30406adb5f7596f9cb1d0f30f4166ba6afcf61bf62871e18de20fca231be252d2cf047bf88bcf49905877e698e5df1b3150b32f9e674770587542ce7dd05
-
SSDEEP
12288:ep+gczyhNSvRbBQHR4qz91hI0zSaNsvz+yuWDVId21NaI+E8tyvXg6yHcPECsY8Z:fy0aK+J+Yz5IIob1y
Static task
static1
Behavioral task
behavioral1
Sample
eaf6a05f6ce78a1949b575f82ca05ce3_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
1
209.250.245.216:62660
Targets
-
-
Target
eaf6a05f6ce78a1949b575f82ca05ce3_JaffaCakes118
-
Size
687KB
-
MD5
eaf6a05f6ce78a1949b575f82ca05ce3
-
SHA1
ce584065f4271141a8ec7abeafb840d5e800d3fb
-
SHA256
b5121edf7245d0c520f567b362cade0d4779fb8fb86fc29acd43bcc1acecb941
-
SHA512
fa6d30406adb5f7596f9cb1d0f30f4166ba6afcf61bf62871e18de20fca231be252d2cf047bf88bcf49905877e698e5df1b3150b32f9e674770587542ce7dd05
-
SSDEEP
12288:ep+gczyhNSvRbBQHR4qz91hI0zSaNsvz+yuWDVId21NaI+E8tyvXg6yHcPECsY8Z:fy0aK+J+Yz5IIob1y
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-