General
-
Target
JaffaCakes118_07bd3991a65122288791637cd8b93ac47967936ff81c63e444e60db1a344ff9f
-
Size
699.5MB
-
Sample
241226-2dcy5atkem
-
MD5
4bfc9733f058b7cd0e00f4d6e59d4abc
-
SHA1
7848507321b95c6777ed4959192c6612311da014
-
SHA256
07bd3991a65122288791637cd8b93ac47967936ff81c63e444e60db1a344ff9f
-
SHA512
34783860f6fc2a0309690ffb7fd5fcaff1c39e4c65f3693e644d7f9c10b515509ddaa2e2fb9db2a67c03a86d2c147fbf3ed04a73ae719ebaa1bbfacdc1bc046c
-
SSDEEP
3072:U32GN6RBgsyO0L4acZfWTUan01gGoICMj6XF+osAMBWxiMZYY8+BTj:mfNc/0XUxCpwoeBWxiMZYY8+Bn
Malware Config
Extracted
redline
1565468420_99
https://pastebin.com/raw/8baCJyMF
Targets
-
-
Target
JaffaCakes118_07bd3991a65122288791637cd8b93ac47967936ff81c63e444e60db1a344ff9f
-
Size
699.5MB
-
MD5
4bfc9733f058b7cd0e00f4d6e59d4abc
-
SHA1
7848507321b95c6777ed4959192c6612311da014
-
SHA256
07bd3991a65122288791637cd8b93ac47967936ff81c63e444e60db1a344ff9f
-
SHA512
34783860f6fc2a0309690ffb7fd5fcaff1c39e4c65f3693e644d7f9c10b515509ddaa2e2fb9db2a67c03a86d2c147fbf3ed04a73ae719ebaa1bbfacdc1bc046c
-
SSDEEP
3072:U32GN6RBgsyO0L4acZfWTUan01gGoICMj6XF+osAMBWxiMZYY8+BTj:mfNc/0XUxCpwoeBWxiMZYY8+Bn
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-