General
-
Target
JaffaCakes118_628c16dd75d00f4afc06d3a43c8b4b1f
-
Size
4.7MB
-
Sample
250102-enk16aslgt
-
MD5
628c16dd75d00f4afc06d3a43c8b4b1f
-
SHA1
a13ebd469f1a16770acdc542469c8209f533cad7
-
SHA256
272bea37ad116a17d3a333082a6d0a5295271f54b5b959b771ac340b132c063f
-
SHA512
918a26d7dbee6d926010ec12f7d9cc19cf9baab99467087154720b9e1ad469c5d47a9346a84f4a2312776100d73b99948e970757d900f70a9e2dbe46a79ccd4f
-
SSDEEP
98304:0LimPiasL0jtXpOcx3OIf0/APJsWCKIbsC5JBRFSI6rqUN:ksQhpxOIFsf1TjFSd7
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_628c16dd75d00f4afc06d3a43c8b4b1f.exe
Resource
win7-20240903-en
Malware Config
Extracted
redline
@Joindsa
164.132.202.45:20588
-
auth_value
3e9eda97b6589ac15756de0ba010d48f
Targets
-
-
Target
JaffaCakes118_628c16dd75d00f4afc06d3a43c8b4b1f
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
SectopRAT payload
-
Sectoprat family
-
Suspicious use of SetThreadContext
-