General

Target: db58770d2e579ffccc89fa0e80b6fbea_JaffaCakes118
Size: 24.1MB
Sample: 240911-2kjp9axcmg
MD5: db58770d2e579ffccc89fa0e80b6fbea
SHA1: 5d5ff145e35ff5cb9a29ae1e1e90f522f7965897
SHA256: 45a95f380d1df93afc4ead92061023c2f31efbb07fbde1bca2bd8581d90d7cdd
SHA512: ada7c65a6cf73e70d22e9840c73c745657625c1912cb8b8d1a33b6d7b40ae87d871051207fb76774d2ec573981396262a9dc13269522f7b5b3e4cc1e2d7bbe3c
SSDEEP: 24576:tYH24VdpPHruLp1JOjZ1umKjJWzwZquuMiwTAT:GH24Vdpjud1JOdMJrqmiwTA
Static task: static1
Behavioral task: behavioral1
Sample: db58770d2e579ffccc89fa0e80b6fbea_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config

Extracted family: redline
Tag: @pjuai123
C2: 185.209.22.181:34925
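The extracted config and the file hashes above are the report's actionable indicators. The following is an added example, not part of the sandbox report, showing how a responder would turn them into a C2 match over connection logs and a hash match over file-creation events. Both log formats and all log lines are constructed for the demonstration; the IOC values are copied from the report.

```python
"""Match the report's RedLine IOCs (C2 host:port, sample SHA-256) against
constructed log lines.  Added example; the log formats are invented and
should be replaced by the field layout of your own proxy/EDR telemetry."""
import re

# IOCs copied from the report above.
C2_HOST, C2_PORT = "185.209.22.181", 34925
SAMPLE_SHA256 = "45a95f380d1df93afc4ead92061023c2f31efbb07fbde1bca2bd8581d90d7cdd"

# Constructed sample logs (not real telemetry): a firewall-style
# connection log and an EDR-style file event log.
CONN_LOG = """\
2024-09-11T20:01:03Z src=10.0.0.15:49812 dst=185.209.22.181:34925 proto=tcp action=allow
2024-09-11T20:01:05Z src=10.0.0.15:49813 dst=93.184.216.34:443 proto=tcp action=allow
2024-09-11T20:02:10Z src=10.0.0.22:51000 dst=185.209.22.181:80 proto=tcp action=allow
"""
FILE_LOG = """\
2024-09-11T19:59:58Z host=WS01 event=file_create path=C:\\Users\\a\\Downloads\\setup.exe sha256=45a95f380d1df93afc4ead92061023c2f31efbb07fbde1bca2bd8581d90d7cdd
2024-09-11T20:00:30Z host=WS01 event=file_create path=C:\\Users\\a\\Downloads\\notes.txt sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
"""

CONN_RE = re.compile(r"src=(?P<src>[\d.]+):\d+ dst=(?P<dst>[\d.]+):(?P<port>\d+)")
FILE_RE = re.compile(r"host=(?P<host>\S+) .*?path=(?P<path>\S+) sha256=(?P<sha256>[0-9a-f]{64})")


def match_c2(log: str, host: str = C2_HOST, port: int = C2_PORT) -> list:
    """Return every connection to the C2 host.  A match on the host but a
    different port is still reported, with exact_port=False, so the analyst
    can decide whether the operator simply moved the listener."""
    hits = []
    for line in log.splitlines():
        m = CONN_RE.search(line)
        if m and m.group("dst") == host:
            seen_port = int(m.group("port"))
            hits.append({"src": m.group("src"), "port": seen_port,
                         "exact_port": seen_port == port})
    return hits


def match_hash(log: str, sha256: str = SAMPLE_SHA256) -> list:
    """Return file events whose SHA-256 equals the sample's hash."""
    hits = []
    for line in log.splitlines():
        m = FILE_RE.search(line)
        if m and m.group("sha256") == sha256:
            hits.append({"host": m.group("host"), "path": m.group("path")})
    return hits


if __name__ == "__main__":
    for hit in match_c2(CONN_LOG):
        print("C2 contact:", hit)
    for hit in match_hash(FILE_LOG):
        print("sample dropped:", hit)
```

The SHA-256 match only catches this exact file; repacked variants of the same stealer will have a different cryptographic hash, which is what the SSDEEP value in the report is for (fuzzy matching of near-identical binaries).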
Targets

Target: db58770d2e579ffccc89fa0e80b6fbea_JaffaCakes118 (single target; same file and hashes as listed under General)
Signatures

- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger: the sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from delivering debug events to an attached debugger. This is a common anti-analysis technique; on its own it is an indicator of evasion, not proof of malicious intent, since some commercial protectors use it too.
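The last signature is a behavioural one, fired from the API trace rather than from static content. As an added example that is not part of the sandbox report, the block below shows the detection logic a trace-based rule would apply: find NtSetInformationThread calls whose information class is ThreadHideFromDebugger and note whether the target is the calling thread itself. The trace format and its lines are constructed for the demonstration; the constants (information class 0x11, the NtCurrentThread pseudo-handle of -2) are Windows native API values.

```python
"""Flag ThreadHideFromDebugger calls in an API-call trace.  Added example;
the trace format below is constructed, not a real sandbox's output."""
import re

# THREADINFOCLASS value for ThreadHideFromDebugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11
# Pseudo-handle returned by NtCurrentThread(): (HANDLE)-2, in 32- and 64-bit form.
NT_CURRENT_THREAD = {0xFFFFFFFE, 0xFFFFFFFFFFFFFFFE}

# Constructed trace lines in a "pid:tid api(args) = status" shape.  Lines 1
# and 4 are the anti-debug calls; line 3 sets a different information class.
TRACE = """\
1234:1240 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, ThreadInformation=0x0, Length=0) = 0x0
1234:1240 NtQueryInformationProcess(ProcessHandle=0xffffffff, ProcessInformationClass=0x7, Length=4) = 0x0
1234:1244 NtSetInformationThread(ThreadHandle=0x1a8, ThreadInformationClass=0x2, ThreadInformation=0x19f000, Length=4) = 0x0
1234:1244 NtSetInformationThread(ThreadHandle=0x1b0, ThreadInformationClass=0x11, ThreadInformation=0x0, Length=0) = 0x0
"""

CALL_RE = re.compile(
    r"^(?P<pid>\d+):(?P<tid>\d+) NtSetInformationThread\("
    r"ThreadHandle=(?P<handle>0x[0-9a-fA-F]+), "
    r"ThreadInformationClass=(?P<cls>0x[0-9a-fA-F]+|\d+)"
)


def find_hide_from_debugger(trace: str) -> list:
    """Return one record per ThreadHideFromDebugger call.  'self' is True when
    the call targets the calling thread via the NtCurrentThread pseudo-handle,
    the usual shape of the trick; a real handle means another thread is being
    hidden, which is still worth reporting."""
    hits = []
    for line in trace.splitlines():
        m = CALL_RE.match(line)
        if not m or int(m.group("cls"), 0) != THREAD_HIDE_FROM_DEBUGGER:
            continue
        handle = int(m.group("handle"), 16)
        hits.append({"pid": int(m.group("pid")), "tid": int(m.group("tid")),
                     "handle": handle, "self": handle in NT_CURRENT_THREAD})
    return hits


if __name__ == "__main__":
    for hit in find_hide_from_debugger(TRACE):
        print("ThreadHideFromDebugger:", hit)
```

Once the class has been set on a thread, a debugger attached later no longer receives that thread's exceptions or breakpoints, so a sandbox that relies on debugger-style hooks sees a silent thread; tracing at the syscall boundary, as this rule assumes, is unaffected and is why the signature can still fire.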