General
- Target: b41b6a2b8e0d6d46d82b21172ef0dd5b_JaffaCakes118
- Size: 505KB
- Sample: 240821-tglfnsxgle
- MD5: b41b6a2b8e0d6d46d82b21172ef0dd5b
- SHA1: 21d929068b76ce9486b8b1fa096fc82691ffc325
- SHA256: 1d73cca00bf01cd49c5ffa658a6cf2c1c2619fded679ded7a6a48293b203c5fc
- SHA512: e78ee206c8fd23f8af08d1cb6f1591542f1b0bf25238d0368ac29a9c3c3faae04a9206d3f3b3487fc3183d166fd4a36886f8636b6651bffa2ee7c39cd8d2f9a9
- SSDEEP: 12288:i7PbMfT0mA9ZbOkyIqJitZ6r1L4tQjRDR/3saIQDLXv:iLNXJqKZaRjRt/3sKDj
Static task
- static1

Behavioral task
- behavioral1
- Sample: b41b6a2b8e0d6d46d82b21172ef0dd5b_JaffaCakes118.exe
- Resource: win7-20240705-en
Malware Config
Extracted
- redline
- @gxldonme
- 185.82.126.114:31858
Targets
- Target: b41b6a2b8e0d6d46d82b21172ef0dd5b_JaffaCakes118
- Size: 505KB
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext