General
Target: JaffaCakes118_683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b
Size: 703.6MB
Sample: 241222-dffk2a1lej
MD5: 3a6ad662a26c53904a490a5822a46e73
SHA1: d3d4e9eeadac043024d2b792343b8383ed3b7aae
SHA256: 683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b
SHA512: a571165b916effb6b48b334b62d231af85569c0540fa37e293d64316aa371870e225aaad493d4433bcdd196202bac262e4d67fbc925cd6ee04d28971297fc1cf
SSDEEP: 3072:QIdXDNUQazyqWoej+BgKlnsrU4Ze/+LSfKt5aN/MtYatJKgG9NLx:rdTNUQ2W0eKlnsrdZe/qUq5cIHKgG9N
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: JaffaCakes118_683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted family: redline
Botnet: 6351529797_99
C2: https://pastebin.com/raw/8baCJyMF
Targets
Target: JaffaCakes118_683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b
Size: 703.6MB
MD5: 3a6ad662a26c53904a490a5822a46e73
SHA1: d3d4e9eeadac043024d2b792343b8383ed3b7aae
SHA256: 683ba2a722b30d2cb9998b8769592a96f320bca1b58fbfe24539f78ccdef3b8b
SHA512: a571165b916effb6b48b334b62d231af85569c0540fa37e293d64316aa371870e225aaad493d4433bcdd196202bac262e4d67fbc925cd6ee04d28971297fc1cf
SSDEEP: 3072:QIdXDNUQazyqWoej+BgKlnsrU4Ze/+LSfKt5aN/MtYatJKgG9NLx:rdTNUQ2W0eKlnsrdZe/qUq5cIHKgG9N
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2