Overview

overview

10

Static

static

3

JaffaCakes...eb.exe

windows7-x64

10

JaffaCakes...eb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3af93f6a13bc7e1538ce767f2e038742b40aa4f350c3398cd7db0f32612612eb

  • Size

    719.6MB

  • Sample

    241226-2rbyzstmgy

  • MD5

    6d6face929c389cc4c16bc038ae9a052

  • SHA1

    04729d6d23a081661ad083938ac836c016a4ee9b

  • SHA256

    3af93f6a13bc7e1538ce767f2e038742b40aa4f350c3398cd7db0f32612612eb

  • SHA512

    7b40e7097627d1ebd5aa4ef528ff9df1f5241ff2ed2d617d5cdd272d93b226dbb86c4603baf38c4394e13668c5f87d641f5293fa61365f9f123dfa285f53afd0

  • SSDEEP

    12288:0TjJ+9tWPY4X8aefJR6sgSC4GRavz0s0O20VoC:0KWM6sgZ4zvQBOjW

Score
10/10
redline639820823_99discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

639820823_99

C2

popshues.top:28786

Attributes
  • auth_value

    530397d6b703221b919d6118285563cd

Targets

    • Target

      JaffaCakes118_3af93f6a13bc7e1538ce767f2e038742b40aa4f350c3398cd7db0f32612612eb

    • Size

      719.6MB

    • MD5

      6d6face929c389cc4c16bc038ae9a052

    • SHA1

      04729d6d23a081661ad083938ac836c016a4ee9b

    • SHA256

      3af93f6a13bc7e1538ce767f2e038742b40aa4f350c3398cd7db0f32612612eb

    • SHA512

      7b40e7097627d1ebd5aa4ef528ff9df1f5241ff2ed2d617d5cdd272d93b226dbb86c4603baf38c4394e13668c5f87d641f5293fa61365f9f123dfa285f53afd0

    • SSDEEP

      12288:0TjJ+9tWPY4X8aefJR6sgSC4GRavz0s0O20VoC:0KWM6sgZ4zvQBOjW

    Score
    10/10
    redline639820823_99discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks