General
- Target: f9bb58b3f2ba2c08c54ce5b5be527a11_JaffaCakes118
- Size: 397KB
- Sample: 240419-hhtb5acb5s
- MD5: f9bb58b3f2ba2c08c54ce5b5be527a11
- SHA1: 68397aec23aacd76c91699c4029724903349ac1f
- SHA256: df79ead3404abbe61bf19023a7bd429149ab8da9e487d9726ca14d18ce3730dc
- SHA512: 62bb4ac29d0966452ca6ff52f1647392e9bfc1aeed80326ac48a45e70f9ca766f43fe2c86d5e960590f004ebcc9df1eac8b2b2b68837e41910abac82b11544f0
- SSDEEP: 12288:qM4ESMnqoagsEvUcgSaA1mP3XD5vLMA5ApN03OEO7CaokURFmPg:ir
Static task: static1
Behavioral task: behavioral1
Sample: f9bb58b3f2ba2c08c54ce5b5be527a11_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
redline
29_7_6lk
zertypelil.xyz:80
Targets
- Target: f9bb58b3f2ba2c08c54ce5b5be527a11_JaffaCakes118
- Size: 397KB
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext