General
Target: 36cfb4ec3719fd6a213c49142afbf770_JaffaCakes118
Size: 820KB
Sample: 241011-zyhc8sydnk
MD5: 36cfb4ec3719fd6a213c49142afbf770
SHA1: 57c07af3c4d7289a764ab778182e1452d7c85fd5
SHA256: c6434a502010b50f0ddd34e5ba9f57f2e98ac89670a212ddf74dd761b5a66239
SHA512: 05638aa4a26f6702fc162caf2441d1c0750a5b526e34db4e87d6e70053864444606b820e942040551c830938dc1185a58a03ebdf30a25310129ebfef6267d359
SSDEEP: 12288:NkuJH9s/luhL65eA1GoCxMWEKYaUrDkbfVKbO/pg3WdP0E+5:4uV813Q
Static task: static1
Behavioral task: behavioral1
Sample: 36cfb4ec3719fd6a213c49142afbf770_JaffaCakes118.exe
Resource: win7-20241010-en
Malware Config
Extracted
Family: redline
Botnet: id8
C2: qutjuvanus.xyz:80
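The hashes listed under General and the C2 host and port extracted above are the only actionable indicators on this page. The script below turns them into a small triage check: it hashes a file on disk (or a buffer) and compares against the report, and it scans log lines for the C2 host or any subdomain of it. This is an added example, not part of the sandbox report; the log lines, the client address 10.0.0.15 and the hostnames other than qutjuvanus.xyz are constructed for illustration.

```python
import hashlib
import re

# Indicators copied from the sandbox report above (the only facts this script relies on).
REPORT_HASHES = {
    "md5": "36cfb4ec3719fd6a213c49142afbf770",
    "sha1": "57c07af3c4d7289a764ab778182e1452d7c85fd5",
    "sha256": "c6434a502010b50f0ddd34e5ba9f57f2e98ac89670a212ddf74dd761b5a66239",
}
C2_HOST = "qutjuvanus.xyz"
C2_PORT = 80

# A hostname, optionally followed by :port, as it appears in DNS/proxy log fields or URLs.
HOST_RE = re.compile(r"((?:[a-z0-9-]+\.)+[a-z]{2,})(?::(\d{1,5}))?", re.I)


def _digest_chunks(chunks):
    """Feed every chunk to md5/sha1/sha256 in one pass and return the hex digests."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    """Digests of an in-memory buffer (small samples, tests)."""
    return _digest_chunks([data])


def hash_file(path):
    """Digests of a file on disk, streamed in 1 MiB chunks so large samples are fine."""
    with open(path, "rb") as fh:
        return _digest_chunks(iter(lambda: fh.read(1 << 20), b""))


def matches_report(digests):
    """True only when md5, sha1 and sha256 all equal the report's values."""
    return all(digests.get(name) == value for name, value in REPORT_HASHES.items())


def find_c2_hits(lines):
    """Return (line_no, host, port) for each log line naming the C2 host or a subdomain of it.

    Matching is host-based on purpose: the config says port 80, but a hit on another
    port is still a hit, so the port is reported rather than filtered on.
    """
    hits = []
    for line_no, line in enumerate(lines, 1):
        for m in HOST_RE.finditer(line):
            host = m.group(1).lower()
            port = int(m.group(2)) if m.group(2) else None
            if host == C2_HOST or host.endswith("." + C2_HOST):
                hits.append((line_no, host, port))
    return hits


# Constructed sample log lines (not from the report); 10.0.0.15 is a hypothetical infected host.
SAMPLE_LOGS = [
    "2024-10-11T12:00:01Z dns client=10.0.0.15 query=cdn.example.com type=A",
    "2024-10-11T12:00:02Z dns client=10.0.0.15 query=qutjuvanus.xyz type=A",
    "2024-10-11T12:00:03Z proxy client=10.0.0.15 method=POST url=http://qutjuvanus.xyz:80/ status=200",
    "2024-10-11T12:00:04Z proxy client=10.0.0.22 method=GET url=http://notqutjuvanus.xyz/ status=200",
]

if __name__ == "__main__":
    import sys

    for path in sys.argv[1:]:
        digests = hash_file(path)
        verdict = "MATCHES report sample" if matches_report(digests) else "no hash match"
        print(f"{path}: {verdict} (sha256={digests['sha256']})")
    for line_no, host, port in find_c2_hits(SAMPLE_LOGS):
        port_note = "" if port is None else f" port {port}" + ("" if port == C2_PORT else " (differs from config)")
        print(f"line {line_no}: C2 contact {host}{port_note}")
```

Run it with one or more file paths to check them against the report's hashes; the log scan over the constructed lines flags line 2 (DNS lookup) and line 3 (HTTP POST on port 80) and ignores the look-alike notqutjuvanus.xyz, because the check requires an exact host or a true subdomain rather than a substring.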
Targets
Target: 36cfb4ec3719fd6a213c49142afbf770_JaffaCakes118 (820KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext: SetThreadContext is the Win32 call process-hollowing (RunPE-style) loaders use to point a suspended thread at injected code, so this signature is consistent with a loader stage unpacking and injecting the payload rather than running it in place.