Overview

overview

10

Static

static

1

JaffaCakes...2f.exe

windows7-x64

10

JaffaCakes...2f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_2086df91eb8d962e4d8268f0074db02f

  • Size

    365KB

  • Sample

    241231-rdf1nstlg1

  • MD5

    2086df91eb8d962e4d8268f0074db02f

  • SHA1

    897a04ce0716b3030ae3a6fe69424bb85f436607

  • SHA256

    86c7004d5deefe31610cdf367992ae38f0fe6442d4ed3bd86ea302818bace551

  • SHA512

    77c4b2ef466f9e7f7e74bacb1aa9843a07b5168c8424884d0959a5f1639f43b0a376e20964665017adaf1bbdbd35d3b8f3ef4b34d4adffbfc10eda7d7cacdb26

  • SSDEEP

    6144:tY+U4CaU2OJSWXQCpr7v3ZG6mPL3SYUIGYyffyDWtEPJ8hJAoesu:eMCaU2gSWN3Z+DXUIGYyffyDWtrhJ4su

Score
10/10
redlinesectoprat4discoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

4

C2

80.87.192.249:16640

Attributes
  • auth_value

    3e4c638c72124e45bcf5164456741cce

Targets

    • Target

      JaffaCakes118_2086df91eb8d962e4d8268f0074db02f

    • Size

      365KB

    • MD5

      2086df91eb8d962e4d8268f0074db02f

    • SHA1

      897a04ce0716b3030ae3a6fe69424bb85f436607

    • SHA256

      86c7004d5deefe31610cdf367992ae38f0fe6442d4ed3bd86ea302818bace551

    • SHA512

      77c4b2ef466f9e7f7e74bacb1aa9843a07b5168c8424884d0959a5f1639f43b0a376e20964665017adaf1bbdbd35d3b8f3ef4b34d4adffbfc10eda7d7cacdb26

    • SSDEEP

      6144:tY+U4CaU2OJSWXQCpr7v3ZG6mPL3SYUIGYyffyDWtEPJ8hJAoesu:eMCaU2gSWN3Z+DXUIGYyffyDWtrhJ4su

    Score
    10/10
    redlinesectoprat4discoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks