General
Target: 73af1e55e0dd26fbbb68c774c92cc525_JaffaCakes118
Size: 1024KB
Sample: 240525-3z4jmsfh88
MD5: 73af1e55e0dd26fbbb68c774c92cc525
SHA1: 8616b22442ad17a0a729686d5376d409de403f55
SHA256: f535ab1b315411a456a7f121e1666c37a513f567ff4f6e6fa0e5392efbcb3bab
SHA512: d394a548f8cdf1b7068f4b0f29bc1e277fa591b00078233cd5aa37ddf1f7c67913aef1d8d28861d4804226159d27f6d288ec49057bcfab5b82b1955391e4b0b8
SSDEEP: 24576:9k70TrcCUsAr38zPlJA1fHWAaaS5E6e7KAa:9kQTApV38zfA1Rn7KA
Static task: static1
Behavioral task: behavioral1
  Sample: 73af1e55e0dd26fbbb68c774c92cc525_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 73af1e55e0dd26fbbb68c774c92cc525_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
mix
193.38.55.28:80
Targets
Target: 73af1e55e0dd26fbbb68c774c92cc525_JaffaCakes118
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of SetThreadContext