General
- Target: 030f2e3da969d7d9e8aa9ef66e382210_JaffaCakes118
- Size: 1.0MB
- Sample: 240930-yr82yasgmk
- MD5: 030f2e3da969d7d9e8aa9ef66e382210
- SHA1: 40a394d130f14884c3ddca145c06e8e7aa055054
- SHA256: 84275c2fe866a981cdb9fcca15a524035568eb5d9fa4e8d9159fa32c48fd1425
- SHA512: e5273ce6b98be6243a4c4f08c72ae88e13583c0dfe5b6b7010400d8221b72d1875c7e1a9b538257bbd5f753a7ac04d7a3f7b2e86db0f5c6069ed7827fa15489f
- SSDEEP: 24576:fXjzd7ibgr9TFOeuv42h30ojS3i9aoW+MhW0LwQEwRbH:I0ojS3iIopMhWqwJI
- Static task: static1
- Behavioral task: behavioral1
  - Sample: 030f2e3da969d7d9e8aa9ef66e382210_JaffaCakes118.exe
  - Resource: win7-20240903-en
- Behavioral task: behavioral2
  - Sample: 030f2e3da969d7d9e8aa9ef66e382210_JaffaCakes118.exe
  - Resource: win10v2004-20240802-en
Malware Config
- Extracted: redline
  - Lexa4okBTC
  - 45.140.147.31:22127
Targets
- Target: 030f2e3da969d7d9e8aa9ef66e382210_JaffaCakes118
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext