General
Target: f98b5139ef4d01a5018bce13754ba508_JaffaCakes118
Size: 313KB
Sample: 240419-ff3fxaac9s
MD5: f98b5139ef4d01a5018bce13754ba508
SHA1: 957c255bd6f6962d802511f2acbd8c88e6ee1c94
SHA256: beb8fdabff7c298676c15b3e3c7222ca03402184da2df3b228463589629b2f3b
SHA512: 5e443fbd76609057614297289e885b59439be93aab51d16a91e5ff753116ebca38582bba24ac99d15162ee96da1afa11f809a3c50e3bbcfb782efbd5cf7032b3
SSDEEP: 6144:eONz0V/61l7DnP7rahJwzPZ1wVsGiAOucdg3XlpwKekqAPSJC:edo1l7DnPiGzPZ2VsG6PiHIPAPL
Static task: static1
Behavioral task: behavioral1
Sample: f98b5139ef4d01a5018bce13754ba508_JaffaCakes118.exe
Resource: win7-20240221-en

Malware Config
Extracted: redline
@Demprod
135.181.171.9:23469
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger