General
Target: 292ebbcc25be8c7a9743139b938c0fef_JaffaCakes118
Size: 439KB
Sample: 240706-w431ca1gkh
MD5: 292ebbcc25be8c7a9743139b938c0fef
SHA1: b256d83b500cafc45ff754821a8ced7d8061b767
SHA256: 367158ff6626547d199aa0c12972efe731ab99550fc77bd067496bfcea941f4b
SHA512: 164e32e41f0630d574070d20cc499a0a9d4502ad626d764fee440556fd0d784ce35c33c558da3ad9e3768cb3a372c6f3fd69b8f284ec912a5be38fa077ed6228
SSDEEP: 12288:e8klT97igBMJM8Ajhq/dK98KGa4YR1HK53f8hit3hDyYhE:eD7jhm5
Static task
static1
Behavioral task
behavioral1
Sample
292ebbcc25be8c7a9743139b938c0fef_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
redline
new
91.245.253.52:38439
Targets
-
-
Target
292ebbcc25be8c7a9743139b938c0fef_JaffaCakes118
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-