Overview

overview

10

Static

static

3

JaffaCakes...67.exe

windows7-x64

10

JaffaCakes...67.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_087db85361ae09dabfe7b117b3b67c67

  • Size

    369KB

  • Sample

    250106-cnmtmssney

  • MD5

    087db85361ae09dabfe7b117b3b67c67

  • SHA1

    16f795b3c653c570bcc568a069aa1411bd45ca84

  • SHA256

    269c025d18d469c5d1e5f57bb20609532d82ce20c1084c3c46245d84cfa57691

  • SHA512

    e86f60b8ff8f46ffce8356bed5d880bd1ceedf9e4aee3ed44e9d2fede3099c65a1083c1b32948a78590c5c5555580c5a97974061f293abceb80aded27b3ac9c5

  • SSDEEP

    6144:NGbrbie7AuA5cu0pMS6wRdXLDl/dkzxWr+5CB5OUGbLQaY69ELAhi:NsDT6wf9KzxF5eGbLQaY6CA

Score
10/10
redlinesectopratsewpalpdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

sewPalp

C2

185.215.113.29:24645

Attributes
  • auth_value

    41d3df6d093b1e36993abf16af0d6f2d

Targets

    • Target

      JaffaCakes118_087db85361ae09dabfe7b117b3b67c67

    • Size

      369KB

    • MD5

      087db85361ae09dabfe7b117b3b67c67

    • SHA1

      16f795b3c653c570bcc568a069aa1411bd45ca84

    • SHA256

      269c025d18d469c5d1e5f57bb20609532d82ce20c1084c3c46245d84cfa57691

    • SHA512

      e86f60b8ff8f46ffce8356bed5d880bd1ceedf9e4aee3ed44e9d2fede3099c65a1083c1b32948a78590c5c5555580c5a97974061f293abceb80aded27b3ac9c5

    • SSDEEP

      6144:NGbrbie7AuA5cu0pMS6wRdXLDl/dkzxWr+5CB5OUGbLQaY69ELAhi:NsDT6wf9KzxF5eGbLQaY6CA

    Score
    10/10
    redlinesectopratsewpalpdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks