General
Target: fc631c84dc3f3fe47a1f526d3f1c7599_JaffaCakes118
Size: 423KB
Sample: 240928-qmn7zazhpe
MD5: fc631c84dc3f3fe47a1f526d3f1c7599
SHA1: 6d36455501ff48f29c7041b014633fcd098f4580
SHA256: b9675e4c8a9934d457626af3be655ad46a9e90c6bedc6dbe80fbcef657af1e2f
SHA512: f9fc1e1f11e42b38f1684f945b8dcb8dc86955d91b529c7d27346fc55be6657c03fb2b8bb600cf21c534d48a38a0856ca89d7112c2cf324234fa1ce0bceefd52
SSDEEP: 12288:wOhhl5E5+iEcvpbCC7dgfjO/ofBVA7KlrNaxt:hluA
Static task: static1
Behavioral task: behavioral1
  Sample: fc631c84dc3f3fe47a1f526d3f1c7599_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fc631c84dc3f3fe47a1f526d3f1c7599_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted: redline
WarzoneUnlockAllToolV3.5_ByRec0n13T
185.215.113.55:36801
auth_value: 5c57f1eb36bb351b7007ba406bba7afc
Targets
Target: fc631c84dc3f3fe47a1f526d3f1c7599_JaffaCakes118
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext