General
-
Target
af2395e569399b59d279ba82d42e3029_JaffaCakes118
-
Size
120KB
-
Sample
241129-f121waxpgt
-
MD5
af2395e569399b59d279ba82d42e3029
-
SHA1
804ded213b662b2d598f5dbcc95cb82d04d19dfb
-
SHA256
18173b6f31b6a2cd15cf02670e0de40f2ec1814fe1d514b414741c360697ebd0
-
SHA512
f9d508aefc33e059664f200b91088d9ba752f7bde100f6df143fb3896f6ae76bef5dc36dbb8bf5a5de752e14fbdcff21d5754273458d5208e137d88991689cdc
-
SSDEEP
3072:CgQ0RQozQXo6W66/WInFsvtr0J+C4+zuhC6agueoHKLPW:CgQ0RQocoa1kuhboHZ
Static task
static1
Behavioral task
behavioral1
Sample
af2395e569399b59d279ba82d42e3029_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
redline
@qqqqqry
45.14.12.90:52072
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
SectopRAT payload
-
Sectoprat family
-
Suspicious use of SetThreadContext
-