Overview

overview

10

Static

static

3

JaffaCakes...f2.exe

windows7-x64

1

JaffaCakes...f2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c3fa21431a8dbc2ee9f02b1ae54ce5da58b55d4d9565143ea73cba8e7c2b5cf2

  • Size

    741.0MB

  • Sample

    241225-vd96aszkbj

  • MD5

    48e90decbbe56eda8001688b87caeece

  • SHA1

    4d0c27524f6c22b8fef4fd239eaa32a72fc838ba

  • SHA256

    c3fa21431a8dbc2ee9f02b1ae54ce5da58b55d4d9565143ea73cba8e7c2b5cf2

  • SHA512

    628936da90bd2acc4795ac3c533e0419ddd8bb268c310212698da4d8fb7c45a2ef7dc8607d1d80258951633862338d1a6060d1108294785a57d28be93ef7a1d0

  • SSDEEP

    98304:A2myYARohKbEc9LUHAMqsmigf4q7soMpTPwKu3/ud0GiBZ4PYlRZCDw1BQRt7172:AMYARLbEpjgfsTPwKu3/uFiZgQB1Y

Score
10/10
redline5586907113_99discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

5586907113_99

C2

gector.top:3306

gector.top:28786
Attributes
  • auth_value

    c900400200e82deccdf482a23f104d1d

Targets

    • Target

      JaffaCakes118_c3fa21431a8dbc2ee9f02b1ae54ce5da58b55d4d9565143ea73cba8e7c2b5cf2

    • Size

      741.0MB

    • MD5

      48e90decbbe56eda8001688b87caeece

    • SHA1

      4d0c27524f6c22b8fef4fd239eaa32a72fc838ba

    • SHA256

      c3fa21431a8dbc2ee9f02b1ae54ce5da58b55d4d9565143ea73cba8e7c2b5cf2

    • SHA512

      628936da90bd2acc4795ac3c533e0419ddd8bb268c310212698da4d8fb7c45a2ef7dc8607d1d80258951633862338d1a6060d1108294785a57d28be93ef7a1d0

    • SSDEEP

      98304:A2myYARohKbEc9LUHAMqsmigf4q7soMpTPwKu3/ud0GiBZ4PYlRZCDw1BQRt7172:AMYARLbEpjgfsTPwKu3/uFiZgQB1Y

    Score
    10/10
    redline5586907113_99discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks