General

Target: 0f843dd136945a362283fcec9967d6c7_JaffaCakes118
Size: 133KB
Sample: 241003-thhfeatfjk
MD5: 0f843dd136945a362283fcec9967d6c7
SHA1: 789fb2bb3695129b3030c31856c5e832aaf9393d
SHA256: c05c747f0cd5f83b91014059a784d2558dbd5df4a4c3f32bfd0cf22d50b8b784
SHA512: fa8d1823d1503b44fbb19311bcf31c1804e6b6e15048b8fda8dd7548bc388d6abfcaef89715528fd5b6f383d3bc8e8ecd9e5893ee0e0200be92d658b604f50c0
SSDEEP: 3072:yALhMGzAlkpKcsdvM1bdQ4n78iJzlZzB2KMsiUU:yealTdK/8itB2eU
Tasks

Static task: static1
Behavioral task: behavioral1
Sample: 0f843dd136945a362283fcec9967d6c7_JaffaCakes118.exe
Resource: win7-20240903-en

Malware Config

Extracted family: redline
Botnet: @lMinoryl
C2: 77.83.175.99:4235
Targets

Target: 0f843dd136945a362283fcec9967d6c7_JaffaCakes118 (133KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext