General

  • Target

    a76e2cdba762de201e0668178b03bec4_JaffaCakes118

  • Size

    116KB

  • Sample

    240818-t8xm1stbme

  • MD5

    a76e2cdba762de201e0668178b03bec4

  • SHA1

    4068065df0d806c05b1bd6138bdb32f483c816a2

  • SHA256

    2fd9985380a92fa918df25189e1023c27052355dc1c7f8a2d11339be7ddfc7d3

  • SHA512

    345a52f9087792c06594a4195499c645afd9ef31da4e271ae9ebec656d447db87e6fed7677bb77ad4723467e5c11626aef0e9b78ca9b525e0934b7aa4efd0ff9

  • SSDEEP

    1536:5e1zHb1iaNk5mXKSr7y9zjbuRNdsnhuyq/dMV1dbknEjG6qTaoigNK:0S0X7y978snYyOdM9kEW9K

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @S0lder

  • C2

    5.39.42.4:52028

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
