General
-
Target
1fb2f78775ac4be2f8230f035106fd7e_JaffaCakes118
-
Size
484KB
-
Sample
241008-fl4wxsteph
-
MD5
1fb2f78775ac4be2f8230f035106fd7e
-
SHA1
f61caecd1e22e55d5571653704a88c426746b2db
-
SHA256
c6231b9200325eb3b9e6527eafed2ce7163a239d25c98a7e2d052cdb4cb76a21
-
SHA512
abe17cddaa9054c582af0fbdaa3010a873353b1761887e2abe2d8e3a510391ef16f9cb155f1f6a87091f40f31e8aa7a00765b82ac73bb040544d818c6d5eeda2
-
SSDEEP
12288:Nipy3UiVTARcJ/Ot2FRTPF8bF+anf9pDBL1FpKNn:NirCwUTPF8bVnf9pDLXKNn
Static task
static1
Behavioral task
behavioral1
Sample
1fb2f78775ac4be2f8230f035106fd7e_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
redline
1
95.181.163.3:46303
Targets
-
-
Target
1fb2f78775ac4be2f8230f035106fd7e_JaffaCakes118
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-