General
- Target: 04f8f3d4e4233e1d3b2ff95aa1701132_JaffaCakes118
- Size: 408KB
- Sample: 241001-j2brvstaqd
- MD5: 04f8f3d4e4233e1d3b2ff95aa1701132
- SHA1: a3238953db79dd18741976dfbce95251ede68700
- SHA256: 180206edd3f58113ba0129e7f815b38a6675c6f274b82b68df7986e9c6a82715
- SHA512: 07b8ee0b457b05c5d3b1fa39201770e1c997480d25e2d475cef7822481a91dc6fb20dba909bbd9d79ba11f03c7464a30f3f13c9dae1fad9b76a549b425a71ea8
- SSDEEP: 6144:CSF2LL4EwvJFtF3qtntovUHkaN4yDcYz6RM9AoNvapJzNe6vJ7xdD9nBSrka:+RwbKntxHuiL1apB/vJ7xDBSIa
Static task
- static1
Behavioral task
- behavioral1
- Sample: 04f8f3d4e4233e1d3b2ff95aa1701132_JaffaCakes118.exe
- Resource: win7-20240903-en
Behavioral task
- behavioral2
- Sample: 04f8f3d4e4233e1d3b2ff95aa1701132_JaffaCakes118.exe
- Resource: win10v2004-20240802-en
Malware Config
Extracted
- redline
- @keynejkee
- 164.132.72.186:18717
Targets
- Target: 04f8f3d4e4233e1d3b2ff95aa1701132_JaffaCakes118
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext