General

  • Target

    2760950e357e9d956c1f1b4679729ce8_JaffaCakes118

  • Size

    343KB

  • Sample

    240706-fz515sygpf

  • MD5

    2760950e357e9d956c1f1b4679729ce8

  • SHA1

    8ad814ed32ed9fb495da62048577de54c0dd4daa

  • SHA256

    7c7af24d7f278e75ca7da19167fa81c257f332d18696dbb2b1a5e1db2c3d76b7

  • SHA512

    26838b9763dfa808865ea8fc62e727499025cca5083c3e40d4c7f2029e0519442c2d01ca1cc30ede804b682929b8f235ac97799d6add5d7b779462cdda9c6687

  • SSDEEP

    6144:6oi9zcb1s/omORmA0/X4nMGmcF2dA2UTCteT0V0aSUAiknAB0n:l+zcb1hvgAUX4nMGVwdA2ImS0V3SUAiy

Malware Config

Extracted

Family

redline

C2

141.94.188.138:46419
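The hashes and the extracted C2 above are the indicators an analyst actually sweeps for. The Python script below is an added example (not part of the sandbox report) that hashes a file with all four algorithms the report lists in one pass, compares the digests against the report's values, and searches a connection log for traffic to the C2. The log excerpt is constructed for illustration and uses a reduced, Zeek-style tab-separated layout (ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto); only the digests and the C2 address come from the report. Because the C2 port is chosen per build, the sweep can be widened to any connection to the host.

```python
"""IOC sweep for the sample in this report (added example, not the report's code)."""
import hashlib
import io
from typing import Dict, Iterable, List

# Indicators copied from the report above.
FILE_HASHES: Dict[str, str] = {
    "md5": "2760950e357e9d956c1f1b4679729ce8",
    "sha1": "8ad814ed32ed9fb495da62048577de54c0dd4daa",
    "sha256": "7c7af24d7f278e75ca7da19167fa81c257f332d18696dbb2b1a5e1db2c3d76b7",
    "sha512": "26838b9763dfa808865ea8fc62e727499025cca5083c3e40d4c7f2029e0519442c2d01ca1cc30ede804b682929b8f235ac97799d6add5d7b779462cdda9c6687",
}
C2_HOST = "141.94.188.138"
C2_PORT = 46419


def digests(stream, algorithms: Iterable[str] = FILE_HASHES, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute every listed digest in a single pass over a binary stream.

    Chunked reads keep memory flat for large files, and all four hashers are
    updated from the same chunk so the file is read only once.
    """
    hashers = {name: hashlib.new(name) for name in algorithms}
    for block in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as fh:
        return digests(fh)


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Same as hash_file, for in-memory data."""
    return digests(io.BytesIO(data))


def matching_hashes(observed: Dict[str, str], indicators: Dict[str, str] = FILE_HASHES) -> List[str]:
    """Return the algorithms whose observed digest equals the report's value.

    Comparison is case-insensitive because tools disagree on hex casing.
    """
    return sorted(
        algo for algo, digest in observed.items()
        if indicators.get(algo, "").lower() == digest.lower()
    )


# Constructed Zeek-style conn.log excerpt (tab separated: ts, id.orig_h,
# id.orig_p, id.resp_h, id.resp_p, proto). Not real traffic.
SAMPLE_CONN_LOG = (
    "1720300000.1\t10.0.0.15\t49822\t93.184.216.34\t443\ttcp\n"
    "1720300004.7\t10.0.0.15\t49830\t141.94.188.138\t46419\ttcp\n"
    "1720300005.2\t10.0.0.22\t51000\t141.94.188.138\t80\ttcp\n"
    "1720300009.9\t10.0.0.15\t49840\t1.1.1.1\t53\tudp\n"
)


def find_c2_connections(log_text: str, host: str = C2_HOST, port: int = C2_PORT,
                        host_only: bool = False) -> List[Dict[str, str]]:
    """Return connections to the C2 as dicts of the matched fields.

    With host_only=True any destination port counts: the port in a RedLine
    build is operator-chosen, so the host is the more durable indicator.
    """
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if line.startswith("#") or len(fields) < 6:
            continue  # skip Zeek header lines and malformed rows
        ts, src, sport, dst, dport, proto = fields[:6]
        if dst == host and (host_only or dport == str(port)):
            hits.append({"ts": ts, "src": src, "dst": dst, "dport": dport, "proto": proto})
    return hits


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, "matches:", matching_hashes(hash_file(path)) or "none")
    for hit in find_c2_connections(SAMPLE_CONN_LOG, host_only=True):
        flag = "exact C2 port" if hit["dport"] == str(C2_PORT) else "C2 host, other port"
        print(f"{hit['ts']} {hit['src']} -> {hit['dst']}:{hit['dport']} ({flag})")
```

Run it as `python sweep.py suspect.exe` to hash files on disk; pointing the log matcher at a real conn.log requires mapping the full Zeek column set, since the excerpt above keeps only six fields. The SSDEEP value in the report is a fuzzy hash for similarity matching and needs the ssdeep library, so it is deliberately not part of this exact-match sweep.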

Targets

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
