Overview

overview

10

Static

static

3

JaffaCakes...09.exe

windows7-x64

10

JaffaCakes...09.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_695f69c6f2dc20da8dc09182fbcf2b09

  • Size

    4.7MB

  • Sample

    250103-brbecatlgt

  • MD5

    695f69c6f2dc20da8dc09182fbcf2b09

  • SHA1

    9f0815868f90780ad7a40d5521d31d76d2969a79

  • SHA256

    25fffa8242fa6451b7854125fe7dda67c23595e79a63087261c26c449f5bf0b4

  • SHA512

    452c1f7b08cfb2174ee2506d1efd2d64cb596ac22661ff088bca68ba96e2b037a0a7d59650f3f28bec49dfb47c64099a79b92b227063cfacd769fb84564c3a53

  • SSDEEP

    98304:QLcelvWSYfjJbP73mgiNOiSXiFib2aXUnl8fDS0Yln2xr8VYIOqeZp:zwibP73mb0i7FT3SLS0XrZ/

Score
10/10
redlinesectoprat@syelorediscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

@syelore

C2

cavanynnari.xyz:81

Attributes
  • auth_value

    584b781c29c4ce798ce009c5b16b2263

Targets

    • Target

      JaffaCakes118_695f69c6f2dc20da8dc09182fbcf2b09

    • Size

      4.7MB

    • MD5

      695f69c6f2dc20da8dc09182fbcf2b09

    • SHA1

      9f0815868f90780ad7a40d5521d31d76d2969a79

    • SHA256

      25fffa8242fa6451b7854125fe7dda67c23595e79a63087261c26c449f5bf0b4

    • SHA512

      452c1f7b08cfb2174ee2506d1efd2d64cb596ac22661ff088bca68ba96e2b037a0a7d59650f3f28bec49dfb47c64099a79b92b227063cfacd769fb84564c3a53

    • SSDEEP

      98304:QLcelvWSYfjJbP73mgiNOiSXiFib2aXUnl8fDS0Yln2xr8VYIOqeZp:zwibP73mb0i7FT3SLS0XrZ/

    Score
    10/10
    redlinesectoprat@syelorediscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks