General
- Target: d74955fc485e8c4ead3e11f3a7bfd6ae_JaffaCakes118
- Size: 1.1MB
- Sample: 240909-3rrvwayaqb
- MD5: d74955fc485e8c4ead3e11f3a7bfd6ae
- SHA1: 2bad2c37ad87cb708080e70fb3ccb972b6c0e49b
- SHA256: 322b1d2a8427c46ccbfb455211c82e16d99965b3060c16f1b95a871dd3191f34
- SHA512: 07306a1df5671173f4bdbddbd0bf9ae8e5819543ff762642403bde1499dca61e589fa49a048a0bc6a5ffbc982f1a3cbf707f56d19f12a27d99ea1c430c61ca75
- SSDEEP: 24576:A7o2odTV/KAz7bO/sffrtQ2nXeqSPnD+Q95kU8YS/6:QvodR/1z7msffrtQhK7Uh
Static task
- static1
Behavioral task
- behavioral1: d74955fc485e8c4ead3e11f3a7bfd6ae_JaffaCakes118.exe (resource win7-20240903-en)
Behavioral task
- behavioral2: d74955fc485e8c4ead3e11f3a7bfd6ae_JaffaCakes118.exe (resource win10v2004-20240802-en)
Malware Config
Extracted
- Family: redline
- Botnet ID: @oathbreaker_op
- C2: 185.209.22.181:34925
The botnet ID and C2 endpoint are the values the sandbox pulled out of the sample's embedded RedLine configuration; they are the actionable indicators on this page, since the file hashes only identify this one build.
Targets
- d74955fc485e8c4ead3e11f3a7bfd6ae_JaffaCakes118 (1.1MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020. This detection is backed by the extracted configuration above (botnet ID and C2 endpoint), not only by a static signature.
- SectopRAT payload: the sandbox also matched its signature for a SectopRAT (also tracked as ArechClient2) payload, a .NET remote access trojan. SectopRAT hits commonly co-occur with RedLine detections; since only a RedLine config was extracted here, confirm which family the unpacked payload actually belongs to before attributing it to both.
- Suspicious use of NtSetInformationThreadHideFromDebugger: the sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11). Once set, exceptions and breakpoints raised in that thread are no longer reported to an attached debugger, so breakpoints on it silently fail. This is a generic anti-analysis technique, not a RedLine-specific indicator; when debugging, hook or patch NtSetInformationThread to drop class 0x11 calls before the sample reaches them.
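The following is an added example, not part of the sandbox report or of any tool it mentions. It turns the two things a defender would take from this page into checks: the extracted RedLine config becomes a parsed IOC set matched against connection logs, and the anti-debug signature becomes a check over API-trace lines for NtSetInformationThread with class 0x11. The config values are copied from the report; the connection log assumes Zeek's default conn.log column order, the API-trace line format is a hypothetical monitor output, and every log line is constructed for illustration.

```python
"""Added example (not part of the sandbox report): turns the report's extracted
RedLine config and its anti-debug signature into checks that run over logs.
The config values are taken from the report; every log line below is
constructed for illustration and is not a real capture."""
import ipaddress
import re
from dataclasses import dataclass

# Config block exactly as printed in the report's "Malware Config" section.
REPORT_CONFIG = """redline
@oathbreaker_op
185.209.22.181:34925"""

# THREADINFOCLASS value for ThreadHideFromDebugger. Setting it makes the
# thread stop reporting exceptions and breakpoints to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11


@dataclass(frozen=True)
class RedLineIOCs:
    family: str
    botnet_id: str
    c2_ip: str
    c2_port: int


def parse_redline_config(text: str) -> RedLineIOCs:
    """Parse the three-line layout (family, botnet ID, host:port) into IOCs."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) != 3 or lines[0].lower() != "redline":
        raise ValueError("unexpected config layout: %r" % lines)
    family, botnet_id, c2 = lines
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError("C2 entry has no port: %r" % c2)
    ipaddress.ip_address(host)  # raises ValueError on a malformed address
    return RedLineIOCs(family, botnet_id, host, int(port))


def match_conn_log(iocs: RedLineIOCs, conn_lines: list[str],
                   port_strict: bool = True) -> list[str]:
    """Return source hosts that talked to the C2 endpoint.

    Expects whitespace-separated Zeek conn.log rows in the default column
    order: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto ...
    With port_strict=False any connection to the C2 IP counts, which catches
    a config rotated to a new port on the same server.
    """
    hits = []
    for ln in conn_lines:
        f = ln.split()
        if len(f) < 6 or f[4] != iocs.c2_ip:
            continue
        if port_strict and int(f[5]) != iocs.c2_port:
            continue
        hits.append(f[2])
    return hits


# Matches a (hypothetical) API-monitor trace line for NtSetInformationThread
# and captures the ThreadInformationClass argument (hex or decimal).
API_TRACE_RE = re.compile(
    r"NtSetInformationThread\(.*?ThreadInformationClass=(0x[0-9a-fA-F]+|\d+)")


def flag_hide_from_debugger(api_lines: list[str]) -> list[str]:
    """Return trace lines where NtSetInformationThread sets class 0x11."""
    return [ln for ln in api_lines
            if (m := API_TRACE_RE.search(ln))
            and int(m.group(1), 0) == THREAD_HIDE_FROM_DEBUGGER]


# Constructed sample data (not from the report).
SAMPLE_CONN_LOG = [
    "1725900000.1 CAbc1 10.0.0.5 49810 185.209.22.181 34925 tcp",
    "1725900001.2 CAbc2 10.0.0.7 49811 93.184.216.34 443 tcp",
    "1725900002.3 CAbc3 10.0.0.9 49812 185.209.22.181 80 tcp",
]
SAMPLE_API_TRACE = [
    "NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, "
    "ThreadInformation=0x0, ThreadInformationLength=0)",
    "NtSetInformationThread(ThreadHandle=0x1a4, ThreadInformationClass=0x2, "
    "ThreadInformation=0x19ff0c, ThreadInformationLength=4)",
    "NtQueryInformationProcess(ProcessHandle=0xffffffff, ProcessInformationClass=0x7)",
]

if __name__ == "__main__":
    iocs = parse_redline_config(REPORT_CONFIG)
    print(iocs)
    print("C2 contacts (exact port):", match_conn_log(iocs, SAMPLE_CONN_LOG))
    print("C2 contacts (any port):  ",
          match_conn_log(iocs, SAMPLE_CONN_LOG, port_strict=False))
    for ln in flag_hide_from_debugger(SAMPLE_API_TRACE):
        print("anti-debug:", ln)
```

The port-strict match is the default because a RedLine panel on a shared host can sit next to unrelated services; the loose match is there for the case where the operator rotates the port but keeps the server. The anti-debug check keys on the information class value rather than on the function name alone, since NtSetInformationThread is also used legitimately (class 0x2 in the sample trace is ThreadPriority).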