General

Target: JaffaCakes118_04c7c3b2d55b571fac252d9dd561f2c4
Size: 4.6MB
Sample: 250106-a64trssrbj
MD5: 04c7c3b2d55b571fac252d9dd561f2c4
SHA1: 2bb6b71c0b334627edb6615d05ad72f756dd2329
SHA256: ee4ff9e096c5554c171921dfff68b32ae1e0da087383ff70e6225a91b4a04431
SHA512: d09120f9d1a183173d1abed2342d64791bde1a913395b529476be1e7388774f63016fd403d4e34e86670c6cd69037adb27117bf93e759a29424af5656f21a650
SSDEEP: 98304:vLvpWs+7XJAmM2kG9NL69RSRMj0teD3YsMKBF3+NF9o+AKsAlMK80AIT:sZ/960UD3ZyBxX
Static task: static1

Behavioral task: behavioral1
Sample: JaffaCakes118_04c7c3b2d55b571fac252d9dd561f2c4.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: JaffaCakes118_04c7c3b2d55b571fac252d9dd561f2c4.exe
Resource: win10v2004-20241007-en
Malware Config

Extracted: redline
- @saxtamazer
- 138.124.186.121:45760
- auth_value: 9b509f3ca2ec2a739920d789362e5ac4
Targets

Target: JaffaCakes118_04c7c3b2d55b571fac252d9dd561f2c4
Score: 10/10

- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Suspicious use of SetThreadContext