General
Target: 57189ebda4e73310d12867ab65c984aa_JaffaCakes118
Size: 1.1MB
Sample: 240718-m6s4gsvhkl
MD5: 57189ebda4e73310d12867ab65c984aa
SHA1: 2412b891b122f98ba80a467dc8f53b94e599fa1f
SHA256: 786937d0aeea999a694503623fc6d864aa25429a68f84cef4aad1cfd8beffd65
SHA512: f388baa36658e5ed658048d74e1c7892257750211cd68bb6b5a036a07399fa029fb50f0df5228fdf15dd05df0c3c30b509bb25203462da16b8018fab788ec3a9
SSDEEP: 24576:lKhjs2H3kjgy4YxWjJkwc8GDyXc64P2oAcbRIHTShkHAgC2clY:KNH3NnYWjJczCc64uYbJhkHAAcK
Static task: static1
Behavioral task: behavioral1
Sample: 57189ebda4e73310d12867ab65c984aa_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config
Extracted
Family: redline
Botnet: @iam_82
C2: 185.209.22.181:34925
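The file hashes and the extracted C2 are the actionable part of this report. The added example below (not part of the report and not a sandbox vendor's tooling) turns them into the two checks a responder actually runs: confirm that a file on disk is the same sample by recomputing its digests, and turn the C2 host:port into a Suricata rule plus a scan over connection logs. The connection-log lines, their "src -> dst" format and the SID 1000001 are constructed placeholders; the digests and C2 are copied from the report.

```python
"""Indicator handling for the RedLine sample above (added example).

EXPECTED_HASHES and C2 are copied from the report. SAMPLE_CONN_LOG and its
format are constructed for this demo; SID 1000001 is a placeholder in the
local rule range.
"""
import hashlib
import ipaddress

EXPECTED_HASHES = {
    "md5": "57189ebda4e73310d12867ab65c984aa",
    "sha1": "2412b891b122f98ba80a467dc8f53b94e599fa1f",
    "sha256": "786937d0aeea999a694503623fc6d864aa25429a68f84cef4aad1cfd8beffd65",
    "sha512": ("f388baa36658e5ed658048d74e1c7892257750211cd68bb6b5a036a07399fa02"
               "9fb50f0df5228fdf15dd05df0c3c30b509bb25203462da16b8018fab788ec3a9"),
}
C2 = "185.209.22.181:34925"
BOTNET = "@iam_82"

# Constructed connection log: "<ts> <src>:<port> -> <dst>:<port> <proto>".
SAMPLE_CONN_LOG = """\
2024-07-18T10:01:02Z 10.0.0.5:49712 -> 185.209.22.181:34925 tcp
2024-07-18T10:01:05Z 10.0.0.5:49713 -> 185.209.22.181:443 tcp
2024-07-18T10:01:09Z 10.0.0.7:51000 -> 198.51.100.23:443 tcp
"""


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'host:port', rejecting anything that is not an IP and a valid port."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)          # raises ValueError on a malformed host
    port_n = int(port)
    if not 0 < port_n < 65536:
        raise ValueError(f"port out of range: {port!r}")
    return host, port_n


def verify_hashes(data: bytes, expected: dict[str, str]) -> dict[str, bool]:
    """Recompute each digest over data and report which ones match the report."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest.lower()
        for algo, digest in expected.items()
    }


def suricata_rule(c2: str, sid: int = 1000001) -> str:
    """Emit an outbound-connection rule for the C2 endpoint (sid is a placeholder)."""
    host, port = parse_c2(c2)
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine C2 {host}:{port} botnet {BOTNET}"; '
        f"flow:to_server; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


def scan_conn_log(log_text: str, c2: str) -> dict[str, list[str]]:
    """Return exact host:port hits and weaker same-host hits (C2 ports get rotated)."""
    host, port = parse_c2(c2)
    hits: dict[str, list[str]] = {"exact": [], "same_host": []}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[2] != "->":
            continue                    # not a connection record we understand
        dst_host, dst_port = parse_c2(parts[3])
        if dst_host != host:
            continue
        hits["exact" if dst_port == port else "same_host"].append(line)
    return hits


if __name__ == "__main__":
    print(suricata_rule(C2))
    print(scan_conn_log(SAMPLE_CONN_LOG, C2))
```

To check a file, pass its bytes to verify_hashes with EXPECTED_HASHES; any False means you are not holding the sample this report describes. The SSDEEP value is deliberately not used: fuzzy-hash comparison needs the ssdeep library, and an exact digest match is the stronger check anyway.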
Targets
Target: 57189ebda4e73310d12867ab65c984aa_JaffaCakes118
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
SectopRAT payload: SectopRAT (also tracked as ArechClient2) is a .NET remote access trojan; this signature matched the same binary as the RedLine detection.
Suspicious use of NtSetInformationThreadHideFromDebugger: the sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from reporting debug events to an attached debugger, so breakpoints and single-step traps in that thread are no longer delivered. This is a common anti-analysis technique, but commercial software protectors use the same call, so treat it as supporting evidence rather than proof of malice on its own.
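The anti-debug signature above is worth reproducing as detection logic rather than taking on faith. The following added example (not from the report or the sandbox) scans an API-call trace for NtSetInformationThread / ZwSetInformationThread calls with ThreadInformationClass 17 (ThreadHideFromDebugger) and records two things a practitioner cares about: whether the call targets the process's own current thread (pseudo-handle -2) and whether ThreadInformationLength is zero, which the kernel requires for this class. The trace format (one JSON object per line with "api" and "args") and the four events in it are constructed; a real sandbox or API-monitor trace needs its own adapter.

```python
"""Flag ThreadHideFromDebugger use in an API-call trace (added example).

SAMPLE_TRACE and its JSON-lines layout are constructed for this demo.
Constants are Windows facts: THREADINFOCLASS ThreadHideFromDebugger == 17,
NtCurrentThread() pseudo-handle == (HANDLE)-2 on x86 and x64, and
STATUS_INFO_LENGTH_MISMATCH (0xC0000004) is returned when the length != 0.
"""
import json
from typing import Optional

THREAD_HIDE_FROM_DEBUGGER = 0x11
SET_THREAD_INFO_APIS = {"NtSetInformationThread", "ZwSetInformationThread"}
CURRENT_THREAD_PSEUDO_HANDLES = {0xFFFFFFFE, 0xFFFFFFFFFFFFFFFE}

SAMPLE_TRACE = """\
{"pid": 1234, "tid": 1240, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 17, "ThreadInformation": "0x0", "ThreadInformationLength": 0}, "status": "0x0"}
{"pid": 1234, "tid": 1240, "api": "ZwSetInformationThread", "args": {"ThreadHandle": "0x1c4", "ThreadInformationClass": "ThreadHideFromDebugger", "ThreadInformation": "0x0", "ThreadInformationLength": 4}, "status": "0xc0000004"}
{"pid": 1234, "tid": 1240, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 2, "ThreadInformation": "0x19fe40", "ThreadInformationLength": 4}, "status": "0x0"}
{"pid": 1234, "tid": 1240, "api": "NtClose", "args": {"Handle": "0x1c4"}, "status": "0x0"}
"""


def _to_int(value) -> int:
    """Accept ints, decimal strings and 0x-prefixed hex strings."""
    if isinstance(value, int):
        return value
    s = str(value).strip()
    return int(s, 16) if s.lower().startswith("0x") else int(s)


def _info_class(value) -> Optional[int]:
    """Normalise a symbolic or numeric THREADINFOCLASS to an int."""
    if isinstance(value, str) and value == "ThreadHideFromDebugger":
        return THREAD_HIDE_FROM_DEBUGGER
    try:
        return _to_int(value)
    except (TypeError, ValueError):
        return None


def find_hide_from_debugger(trace_text: str) -> list[dict]:
    """Return one record per ThreadHideFromDebugger call found in the trace."""
    hits = []
    for line in trace_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev.get("api") not in SET_THREAD_INFO_APIS:
            continue
        args = ev.get("args", {})
        if _info_class(args.get("ThreadInformationClass")) != THREAD_HIDE_FROM_DEBUGGER:
            continue
        handle = _to_int(args.get("ThreadHandle", 0))
        length = _to_int(args.get("ThreadInformationLength", 0))
        hits.append({
            "pid": ev.get("pid"),
            "tid": ev.get("tid"),
            "api": ev["api"],
            # -2 is NtCurrentThread(): the sample is hiding itself, not a remote thread.
            "self_thread": handle in CURRENT_THREAD_PSEUDO_HANDLES,
            # The kernel rejects a non-zero length with STATUS_INFO_LENGTH_MISMATCH.
            # A deliberately malformed call is a classic probe for user-mode hooks
            # that accept any length, so it is still worth flagging.
            "length_ok": length == 0,
        })
    return hits


def summarize(hits: list[dict]) -> dict:
    """Roll hits up into the fields a triage note would carry."""
    return {
        "count": len(hits),
        "hid_own_thread": any(h["self_thread"] for h in hits),
        "probe_calls": sum(1 for h in hits if not h["length_ok"]),
    }


if __name__ == "__main__":
    found = find_hide_from_debugger(SAMPLE_TRACE)
    for h in found:
        print(h)
    print(summarize(found))
```

Both the well-formed call and the malformed probe are reported, because a hooked sandbox that silently "succeeds" on the malformed variant is exactly what the malware is testing for; the status field in the trace is intentionally not trusted for that decision.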