General
Target: f1d80d08c2254de011013a6b0bb40450_JaffaCakes118
Size: 191KB
Sample: 240415-y4y3hahe3w
MD5: f1d80d08c2254de011013a6b0bb40450
SHA1: 93c1cf0c0ccf112b645a406c467c55d6c7c7257b
SHA256: 9365864ba2cd9a14dbc860dc8b59caa508b3fb169a34a074e7863aa8c876bdd9
SHA512: e470b967ca7d0e34d3757ced7950f7c8011d632040a5df16933f6c02c61b975a56ba732901d895ee989380c45e56ada9e46ef63265aed1a8cce74ebc1158e676
SSDEEP: 3072:GigNpNcLgyZkiRAZPb7eUKmSvizIVKh7jAdGvXCKAbPUO8xve1KjkcDIVTFV2Mu:GtNzIxDRAZP/eUKmSvizIV27vXCKpxvl
Static task: static1
Behavioral task: behavioral1
Sample: f1d80d08c2254de011013a6b0bb40450_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted: redline
723
qumaranero.xyz:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext