General
Target: 4171f269ee39258b1f57e1b61f1c9ef4_JaffaCakes118
Size: 290KB
Sample: 241013-xahb8a1gpb
MD5: 4171f269ee39258b1f57e1b61f1c9ef4
SHA1: 87fa0a878fcc87d7baa33b33a1c5a85e343852bb
SHA256: 2f0098ea983c398144907bdcf7943f8bb22090fee1a59636cd6414343f5f9739
SHA512: 8ecc67f1ef056905c592618ace515f176b4f1fa3a2afec890f0c7d107c5689a1ad979a27dcf647bad2e8e18fecd36effa18a1ba823f1146e8ae70bc549fb52bf
SSDEEP: 6144:8vSZYYaKAlpzXP+LByNfRRl/zY/hTYvL0Sk1G:8C+XP+1w9zYWvL0v1G
Static task: static1
Behavioral task: behavioral1
Sample: 4171f269ee39258b1f57e1b61f1c9ef4_JaffaCakes118.exe
Resource: win7-20240903-en

Malware Config
Extracted: redline
- @souoy
- 135.125.40.64:15456
Targets
Target: 4171f269ee39258b1f57e1b61f1c9ef4_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Suspicious use of SetThreadContext