General
Target: f44faa2a71dde2950aad23ac0e606e54_JaffaCakes118
Size: 1.4MB
Sample: 240416-zrmz5sea3x
MD5: f44faa2a71dde2950aad23ac0e606e54
SHA1: 093446d49ad042791d87eb0fbeed48f405e2772a
SHA256: 6d44814d7e052696c7c6bdbb547d947c63ba20dd0984fc7f779029e39a813d53
SHA512: b8e85fc836643e4d9d9573bdbfb1452f55fa8533242430becb56c52694be2973851f4e95dabe62e074525d8a68e2586deae68f01e86579303e54489ad05dda3f
SSDEEP: 24576:jfETQJpAl4UL5mbXtbBNeWvOPm6NV00Im2wT:AT4pTUorNGmI0m1

Static task: static1

Behavioral task: behavioral1
Sample: f44faa2a71dde2950aad23ac0e606e54_JaffaCakes118.exe
Resource: win7-20240319-en
Malware Config
Extracted
redline
test
45.93.4.12:80
Targets
Target
f44faa2a71dde2950aad23ac0e606e54_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Suspicious use of SetThreadContext
-