General
- Target: 2b627b331cbc29aa992dad4ff472b838_JaffaCakes118
- Size: 1.1MB
- Sample: 241009-fr1rfsvfng
- MD5: 2b627b331cbc29aa992dad4ff472b838
- SHA1: a2314a9977ce8fa7d1d879c00fcbed255f4bfd79
- SHA256: 168da325b7ac76ba8d7e945cd9857df577fc1f88babb632e7957624fa9ede59c
- SHA512: 724941bdbdd4aa6f27513eed386fd84112fec996d76b4d613fa5483d798e5097390ac3e07ddbf3a0c68c4cefb408b2eb0b868ba8003278048afd2374ebe978ce
- SSDEEP: 24576:SSC6dMVJDVbNifdYTv6HpYhLuFQpW3oYU4m/a3pLyleTU7gYjZ:G6aVLTv6r2pWYt4kahseIn
Static task: static1
Behavioral task: behavioral1
- Sample: 2b627b331cbc29aa992dad4ff472b838_JaffaCakes118.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 2b627b331cbc29aa992dad4ff472b838_JaffaCakes118.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
1393568129
salanoajalio.xyz:80
Targets
- Target: 2b627b331cbc29aa992dad4ff472b838_JaffaCakes118
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext