General
-
Target
362fdb2e05006cd91ae2d090179b4642_JaffaCakes118
-
Size
373KB
-
Sample
241011-w1xzxs1ern
-
MD5
362fdb2e05006cd91ae2d090179b4642
-
SHA1
b369e9475eea2e950112592944df5f2b88468fb9
-
SHA256
574e22b44f2b1a0af1e8344a2e674d62c246287fa41c9ee3725120bc329a8a89
-
SHA512
03b049d1214d55e0f8c64b617a8ad04c4aed8a4d97a4bb141c8165fb4d77253291c599f949789b88b6c95fee0a84b4d88b4073e5526269a80dfb57aaab46adff
-
SSDEEP
6144:YoJy3BwMMp7pjyp1UpjomkaKL0l7aRHeh/IpxA3q+/spImOc8ghwBmVea0lHC7aZ:5Lpj+Fmkz9ehQQ6sspImOc8owba0lRdf
Static task
static1
Behavioral task
behavioral1
Sample
362fdb2e05006cd91ae2d090179b4642_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
redline
Ninja0809
185.92.73.140:80
Targets
-
-
Target
362fdb2e05006cd91ae2d090179b4642_JaffaCakes118
-
Size
373KB
-
MD5
362fdb2e05006cd91ae2d090179b4642
-
SHA1
b369e9475eea2e950112592944df5f2b88468fb9
-
SHA256
574e22b44f2b1a0af1e8344a2e674d62c246287fa41c9ee3725120bc329a8a89
-
SHA512
03b049d1214d55e0f8c64b617a8ad04c4aed8a4d97a4bb141c8165fb4d77253291c599f949789b88b6c95fee0a84b4d88b4073e5526269a80dfb57aaab46adff
-
SSDEEP
6144:YoJy3BwMMp7pjyp1UpjomkaKL0l7aRHeh/IpxA3q+/spImOc8ghwBmVea0lHC7aZ:5Lpj+Fmkz9ehQQ6sspImOc8owba0lRdf
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
SectopRAT payload
-
Suspicious use of SetThreadContext
-