General
- Target: a5058f0c8a12e82ee4cd0c922127953b_JaffaCakes118
- Size: 440KB
- Sample: 240818-cvj2bstbjn
- MD5: a5058f0c8a12e82ee4cd0c922127953b
- SHA1: c185e04a9b51c818c49c6ccc27cca1c674906ec3
- SHA256: 5fbbf8d74c8a2b3f6aabf4a95c1b68d9b5ce182ebd19c1f3c8eed44fdddc72c1
- SHA512: 19714b2d5b6c228245c68672ec677cab054f8532991078c628c462ab9d131ba4b3defb1c953198f6132a55160d40acf42cd56cc0356a8f905d96f51c0ce5f7c7
- SSDEEP: 12288:ZSovggCj/bNcJjSOuBP4RylPhzQAgez64ehg:ZCjmlSOurPiTeBehg
Static task: static1
Behavioral task: behavioral1
- Sample: a5058f0c8a12e82ee4cd0c922127953b_JaffaCakes118.exe
- Resource: win7-20240705-en

Malware Config
Extracted
- redline
- 195.2.93.217:59309
Targets
- Target: a5058f0c8a12e82ee4cd0c922127953b_JaffaCakes118
- Size: 440KB
- MD5: a5058f0c8a12e82ee4cd0c922127953b
- SHA1: c185e04a9b51c818c49c6ccc27cca1c674906ec3
- SHA256: 5fbbf8d74c8a2b3f6aabf4a95c1b68d9b5ce182ebd19c1f3c8eed44fdddc72c1
- SHA512: 19714b2d5b6c228245c68672ec677cab054f8532991078c628c462ab9d131ba4b3defb1c953198f6132a55160d40acf42cd56cc0356a8f905d96f51c0ce5f7c7
- SSDEEP: 12288:ZSovggCj/bNcJjSOuBP4RylPhzQAgez64ehg:ZCjmlSOurPiTeBehg
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext