General
Target: c5a7d6307717c8a25b144957c79d5f76_JaffaCakes118
Size: 406KB
Sample: 240827-yxl5cszbra
MD5: c5a7d6307717c8a25b144957c79d5f76
SHA1: 922aba7d62ab86fac2ad0101e0ce091c7c135598
SHA256: 14097a72d677e9e362f718154b230d8776f3f827a0b483070f9f02b8132d0ebf
SHA512: e4271a79b07042cf0331dd5b30e8f3106cd0c2561a40cd57a217193de88953764fbb295db3c17143ff47365f4fc6633be6bd788be3ac5804d1a2d75d7de7eb04
SSDEEP: 6144:0FR05m+b9h3CXoLJwkETQ/bkuLCP502o6k7l+/A/rAMgJdTAZvyR7ioq7o5xj0My:MeZhyX5c/Qu0I6cNrrSdElyR2jo5q5Yq

Tasks
Static task: static1
Behavioral task: behavioral1
Sample: c5a7d6307717c8a25b144957c79d5f76_JaffaCakes118.exe
Resource: win7-20240705-en

Malware Config
Extracted family: redline
Botnet: @jaknhidf
C2: 164.132.72.186:18717

Targets
Target: c5a7d6307717c8a25b144957c79d5f76_JaffaCakes118
Size: 406KB
MD5: c5a7d6307717c8a25b144957c79d5f76
SHA1: 922aba7d62ab86fac2ad0101e0ce091c7c135598
SHA256: 14097a72d677e9e362f718154b230d8776f3f827a0b483070f9f02b8132d0ebf
SHA512: e4271a79b07042cf0331dd5b30e8f3106cd0c2561a40cd57a217193de88953764fbb295db3c17143ff47365f4fc6633be6bd788be3ac5804d1a2d75d7de7eb04
SSDEEP: 6144:0FR05m+b9h3CXoLJwkETQ/bkuLCP502o6k7l+/A/rAMgJdTAZvyR7ioq7o5xj0My:MeZhyX5c/Qu0I6cNrrSdElyR2jo5q5Yq

Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext