General
-
Target
4e1868e7601e5cb9f6d454758df69c99_JaffaCakes118
-
Size
321KB
-
Sample
240716-nhxmfazeqq
-
MD5
4e1868e7601e5cb9f6d454758df69c99
-
SHA1
dfa929d27d132dec3532f84ef44957fcbb2e8b28
-
SHA256
c0106f208713f7d49ec131336406dd1d0af5b1dbda9bb4e94b2dc9439104863b
-
SHA512
12414ec1d76d22ea44b55f70a489eda7ee6692a6ea1a7f5d439f62afc24ca8cab48483b0b429b3b954fae1928404427cf09106a5fbfed6966251f0ed95a2e7c5
-
SSDEEP
3072:r64XAlTrgcLSsfqdleoLBu6v1p2x+xpp3xG3H92WlxfvvG3J:O1ksMrBHtpVBG3H9Lf3
Static task
static1
Behavioral task
behavioral1
Sample
4e1868e7601e5cb9f6d454758df69c99_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4e1868e7601e5cb9f6d454758df69c99_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
redline
CryptBuild
46.175.146.11:41600
Targets
-
-
Target
4e1868e7601e5cb9f6d454758df69c99_JaffaCakes118
-
Size
321KB
-
MD5
4e1868e7601e5cb9f6d454758df69c99
-
SHA1
dfa929d27d132dec3532f84ef44957fcbb2e8b28
-
SHA256
c0106f208713f7d49ec131336406dd1d0af5b1dbda9bb4e94b2dc9439104863b
-
SHA512
12414ec1d76d22ea44b55f70a489eda7ee6692a6ea1a7f5d439f62afc24ca8cab48483b0b429b3b954fae1928404427cf09106a5fbfed6966251f0ed95a2e7c5
-
SSDEEP
3072:r64XAlTrgcLSsfqdleoLBu6v1p2x+xpp3xG3H92WlxfvvG3J:O1ksMrBHtpVBG3H9Lf3
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-