General

Target: JaffaCakes118_114840b7d4c02148771504678ec5194d
Size: 4.7MB
Sample: 250106-f8vlrsxmfw
MD5: 114840b7d4c02148771504678ec5194d
SHA1: e13efbdede3abbd0f6b3c906aced6c01e18ab57d
SHA256: 0ca1d29d1d10c5005fd400c67610a7baf6137c4758a9a28e1241c3d18b7f1e14
SHA512: 82499fee3f5ac521632de556f35f6c3ee8049f4df7e4b6ec9cd7a60997ca080f3a7d99b6419037be583b05991137e71306bbae0943ec4b98ddcb026f93621f07
SSDEEP: 98304:hLEGnnBSDWQ6H3YC0ctCMRUeKHCG39M5aiLxwBk2Q:lSEYC02NKR3JkV
Static task: static1

Behavioral task: behavioral1
Sample: JaffaCakes118_114840b7d4c02148771504678ec5194d.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: JaffaCakes118_114840b7d4c02148771504678ec5194d.exe
Resource: win10v2004-20241007-en
Malware Config

Extracted: redline
@veteran322
ananasalit.xyz:81
auth_value: 55d48a1a930cf4d6f3e2d6bcd0daaf07
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine payload
- Redline family
- SectopRAT payload
- Sectoprat family
- Suspicious use of SetThreadContext