General
Target: f06588724e79ef9502afe278ee0fc66d_JaffaCakes118
Size: 588KB
Sample: 240415-fxhg3afe64
MD5: f06588724e79ef9502afe278ee0fc66d
SHA1: 7d96e882073fbd99ba7dbc3224a15b0c1bd3bbfb
SHA256: d88f92b7b99dd521cf0c09182a7409f292feda29b1bee557ba9ddd8c141ce564
SHA512: 56fa7f2ef482ab851f27bc97de64fd6a50be19acc9d2488ad186e048575e91756ca36179335298c47491ae7f244dec9d5cc78b06a236eee215f1b0c39ea7a979
SSDEEP: 12288:UkeElB5eA1God0C3RX7UBkjTz8VgbO/Qi:ecx13lU
Static task
static1
Behavioral task
behavioral1
Sample
f06588724e79ef9502afe278ee0fc66d_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
95.179.166.29:60101
Targets
Target
f06588724e79ef9502afe278ee0fc66d_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext