General
- Target: 0d3a721884eef83f8a0c26262805026e_JaffaCakes118
- Size: 406KB
- Sample: 240625-jfss9azenl
- MD5: 0d3a721884eef83f8a0c26262805026e
- SHA1: 45b243a2c2ec85ade2afad0acbe835b69a53893f
- SHA256: 95d4b4b0d7850ae04709b88ae02fd05e75a9c55d292ebce672f429f8aa78cc76
- SHA512: f1e9fdcd1d1f78fc4c750255a33d911ff0c3bb1880db0e9f13700a61c8c8b180660430719a47532a3244b887ab13774363572ef477bec983e599a1a49356f584
- SSDEEP: 6144:UFR05m+b9h3CXY6F4ulvIVTG2wWc9qWkIOP502o6k7l+/A/rAMgJdTAZvyR7ioqf:seZhyXlF5CcEI6cNrrSdElyR2jo5q5Eq
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 0d3a721884eef83f8a0c26262805026e_JaffaCakes118.exe
  - Resource: win7-20240611-en
Behavioral task
- behavioral2
  - Sample: 0d3a721884eef83f8a0c26262805026e_JaffaCakes118.exe
  - Resource: win10v2004-20240611-en
Malware Config
Extracted
- Family: redline
- Botnet: @keynejkee
- C2: 164.132.72.186:18717
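Added example (not part of the sandbox report or of any vendor tooling) that turns the report's identifiers into two checks a responder actually runs: confirm that the file on disk is the sample the report describes by comparing all four digests in a single streaming pass, and hunt the extracted C2 endpoint in connection logs. The hash values and the C2 endpoint are copied from the report; the log lines and the file bytes used in demo() are constructed for illustration. SSDEEP is left out because it needs a third-party library.

```python
import hashlib
import ipaddress
import os
import re
import tempfile
from typing import Dict, Iterable, List, Tuple

# Identifiers copied from the report above.
REPORT_HASHES = {
    "md5": "0d3a721884eef83f8a0c26262805026e",
    "sha1": "45b243a2c2ec85ade2afad0acbe835b69a53893f",
    "sha256": "95d4b4b0d7850ae04709b88ae02fd05e75a9c55d292ebce672f429f8aa78cc76",
    "sha512": ("f1e9fdcd1d1f78fc4c750255a33d911ff0c3bb1880db0e9f13700a61c8c8b180"
               "660430719a47532a3244b887ab13774363572ef477bec983e599a1a49356f584"),
}
REPORT_C2 = "164.132.72.186:18717"

# Constructed firewall-style log lines (not from the report): two real hits,
# one same-host/different-port line, and one near-miss host 164.132.72.18.
SAMPLE_LOG = [
    "2024-06-25T10:14:03Z fw allow src=10.0.4.17:49812 dst=164.132.72.186:18717 proto=tcp",
    "2024-06-25T10:14:05Z fw allow src=10.0.4.17:49813 dst=164.132.72.186:443 proto=tcp",
    "2024-06-25T10:14:09Z fw allow src=10.0.4.22:49901 dst=164.132.72.18:18717 proto=tcp",
    "2024-06-25T10:15:41Z fw deny src=10.0.4.17:49990 dst=164.132.72.186:18717 proto=tcp",
]


def _digest(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four hashes in one pass over the data."""
    hashes = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    for chunk in chunks:
        for h in hashes.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashes.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    return _digest([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file so a large sample never has to fit in memory."""
    with open(path, "rb") as fh:
        return _digest(iter(lambda: fh.read(chunk_size), b""))


def verify_sample(path: str, expected: Dict[str, str]) -> List[str]:
    """Names of digests that do not match; [] means the file is the reported sample."""
    actual = hash_file(path)
    return sorted(n for n, v in expected.items() if actual.get(n, "").lower() != v.lower())


def parse_c2(endpoint: str) -> Tuple[str, int]:
    """Split 'host:port', requiring an IPv4 literal and a port in 1..65535."""
    host, sep, port = endpoint.rpartition(":")
    if not sep:
        raise ValueError(f"no port in {endpoint!r}")
    ipaddress.IPv4Address(host)  # raises AddressValueError (a ValueError) if not IPv4
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range: {port_num}")
    return host, port_num


def is_valid_c2(endpoint: str) -> bool:
    try:
        parse_c2(endpoint)
        return True
    except ValueError:
        return False


def find_c2_connections(lines: Iterable[str], endpoint: str) -> List[str]:
    """Lines mentioning the C2 host as a whole address and the C2 port as a whole number.

    Deliberately format-agnostic ('host:port', 'dst=... dport=...', tab-separated
    conn logs). Caveat: a byte count or timestamp equal to the port number on the
    same line as the host would also match, so treat hits as triage leads.
    """
    host, port = parse_c2(endpoint)
    host_re = re.compile(r"(?<![\d.])" + re.escape(host) + r"(?![\d.])")
    port_re = re.compile(r"(?<!\d)" + str(port) + r"(?!\d)")
    return [line for line in lines if host_re.search(line) and port_re.search(line)]


def demo() -> dict:
    """Run the checks against a constructed stand-in file and the constructed log lines."""
    data = b"MZ" + b"\x00" * 62  # constructed bytes, not the real sample
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(data)
        path = tmp.name
    try:
        return {
            "mismatches_vs_report": verify_sample(path, REPORT_HASHES),
            "self_consistent": verify_sample(path, hash_bytes(data)) == [],
            "c2": parse_c2(REPORT_C2),
            "c2_hits": find_c2_connections(SAMPLE_LOG, REPORT_C2),
        }
    finally:
        os.remove(path)


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Run verify_sample() against the real file before detonating or sharing it; any non-empty result means the artifact in hand is not the one this report describes, and a single-algorithm match (MD5 only, say) is not enough to prove it is.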
Targets
- Target: 0d3a721884eef83f8a0c26262805026e_JaffaCakes118
- Size: 406KB
- MD5: 0d3a721884eef83f8a0c26262805026e
- SHA1: 45b243a2c2ec85ade2afad0acbe835b69a53893f
- SHA256: 95d4b4b0d7850ae04709b88ae02fd05e75a9c55d292ebce672f429f8aa78cc76
- SHA512: f1e9fdcd1d1f78fc4c750255a33d911ff0c3bb1880db0e9f13700a61c8c8b180660430719a47532a3244b887ab13774363572ef477bec983e599a1a49356f584
- SSDEEP: 6144:UFR05m+b9h3CXY6F4ulvIVTG2wWc9qWkIOP502o6k7l+/A/rAMgJdTAZvyR7ioqf:seZhyXlF5CcEI6cNrrSdElyR2jo5q5Eq
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger (anti-debugging: the ThreadHideFromDebugger information class, 0x11, hides the calling thread from any attached debugger)
- Suspicious use of SetThreadContext (rewriting another thread's register context is a common step in process injection, redirecting execution into attacker-controlled code)