General
Target: 203dcfe837a8a2273d26b5d2c8500660_JaffaCakes118
Size: 331KB
Sample: 240702-v8gggaxgqm
MD5: 203dcfe837a8a2273d26b5d2c8500660
SHA1: 757d3d7232f339b746281b2d328e55a5bcd2a971
SHA256: 7e034e6e6aade8d171cef476c5068d10c385bd84858d8073850ad7163bc25f23
SHA512: bd03bc3b5bf259a2d1df138d93f45d2e2c37ee05e1e3205bfbf5684d39f1b6fa521bef61503046f04610e0a302219f279a11250dcc1179aa808608ca6c6515f0
SSDEEP: 6144:gUBWwBum0a7QXqCCgHBK7khCZZQtf9JMHHK8iM55f5GHagKlUJFGUvA75GL:Qzm0La/gHBHhCCuHliMPfWMlsq8L
Static task: static1
Behavioral task: behavioral1
  Sample: 203dcfe837a8a2273d26b5d2c8500660_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 203dcfe837a8a2273d26b5d2c8500660_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted: redline
  @keynejkee
  164.132.72.186:18717
Targets
Target: 203dcfe837a8a2273d26b5d2c8500660_JaffaCakes118
Size: 331KB
MD5: 203dcfe837a8a2273d26b5d2c8500660
SHA1: 757d3d7232f339b746281b2d328e55a5bcd2a971
SHA256: 7e034e6e6aade8d171cef476c5068d10c385bd84858d8073850ad7163bc25f23
SHA512: bd03bc3b5bf259a2d1df138d93f45d2e2c37ee05e1e3205bfbf5684d39f1b6fa521bef61503046f04610e0a302219f279a11250dcc1179aa808608ca6c6515f0
SSDEEP: 6144:gUBWwBum0a7QXqCCgHBK7khCZZQtf9JMHHK8iM55f5GHagKlUJFGUvA75GL:Qzm0La/gHBHhCCuHliMPfWMlsq8L
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext