General
Target: JaffaCakes118_75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47
Size: 714.0MB
Sample: 241224-3fl59a1kaq
MD5: 875aec5a2c9e3e850e922570a2239080
SHA1: c6c39d29f88e88b582507336a3567c660259f724
SHA256: 75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47
SHA512: 517423303e09626a80fea90f2dfd6e8941f77154b3bb4db0bd6aae4269ee32eabaacb47ac4a2b46f67c8a5301940d12ef19c25520319d66dab8a21421fe07917
SSDEEP: 6144:X8KNYtfAZQn6mNf8DXjeCAOKI8QKZZ18k8ui5XwwT1:X7YfAZQn6pQIJcZ1TXM3T1
Static task: static1
Behavioral task: behavioral1
    Sample: JaffaCakes118_75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47.exe
    Resource: win7-20240903-en
Behavioral task: behavioral2
    Sample: JaffaCakes118_75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47.exe
    Resource: win10v2004-20241007-en
Malware Config
Extracted: redline
    5799166626_99
    krimeaboom.xyz:28786
    auth_value: 511183fc8a55d2a94b4bf80b68e98d08
Targets
Target: JaffaCakes118_75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47
Size: 714.0MB
MD5: 875aec5a2c9e3e850e922570a2239080
SHA1: c6c39d29f88e88b582507336a3567c660259f724
SHA256: 75d343402314f90b697908cdbc8d34c0f0c22348ba218a01466af92ff754db47
SHA512: 517423303e09626a80fea90f2dfd6e8941f77154b3bb4db0bd6aae4269ee32eabaacb47ac4a2b46f67c8a5301940d12ef19c25520319d66dab8a21421fe07917
SSDEEP: 6144:X8KNYtfAZQn6mNf8DXjeCAOKI8QKZZ18k8ui5XwwT1:X7YfAZQn6pQIJcZ1TXM3T1
Score: 10/10
RedLine
    RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Suspicious use of SetThreadContext