General
Target: fbe4bbfc10eaf8a32435a1affc24c527_JaffaCakes118
Size: 173KB
Sample: 240420-eqks6sga67
MD5: fbe4bbfc10eaf8a32435a1affc24c527
SHA1: cdc30e49e455f569d3079be54e94ed99634522ba
SHA256: 0622e887329db226e13c2eccbf18bebce4300aeb7fd348488fbf46de44584d92
SHA512: 3716ff669296f1ade44039921b887da39839ae683a83cab710ef06692d2631499ea8a3ab181c82428074308e641f8c8b307b03d0ceac6bcc818da70fbad04c51
SSDEEP: 3072:BQEdg9Ah1SDYjN0a+WXwRfb++xaxqfQ8c9jiAnEEh4GQBjiupNKDT:BQH140WXwRi+xaxzJpioERTeuWT

Static task: static1
Behavioral task: behavioral1
Sample: fbe4bbfc10eaf8a32435a1affc24c527_JaffaCakes118.exe
Resource: win7-20240221-en

Malware Config
Extracted family: redline
Botnet: mastif
C2: 185.234.247.62:4131
Targets
Target: fbe4bbfc10eaf8a32435a1affc24c527_JaffaCakes118 (173KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext