Overview

overview

10

Static

static

3

JaffaCakes...37.exe

windows7-x64

10

JaffaCakes...37.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_284e120522e3eaba050322a27bb5b337

  • Size

    4.5MB

  • Sample

    250106-rla5ds1kbq

  • MD5

    284e120522e3eaba050322a27bb5b337

  • SHA1

    619365bf2d89d676c938be3ca9ca985c93eb54ea

  • SHA256

    3941fc3809ec365eccc765a2ef3479cf8c4d3a5d65a35e0eef2a69a621ea4ea1

  • SHA512

    6a57c30153d6cdf146e90f92c818be8263d7c2e25bb907901ea1c2cd923bb24da8bdf802e3861858e1d85815cfd2b12848f9eb723e2349c2557b0deaead881ec

  • SSDEEP

    98304:SLrDerNYoAJnlLycth1mb1zmZwZvrmauoKAs:HN2JyKMbJmeZvqaE

Score
10/10
redline@younotguddiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

@Younotgud

C2

185.209.22.181:29234

Attributes
  • auth_value

    5a0918bd3e8ede8e02c8dd9d106a996d

Targets

    • Target

      JaffaCakes118_284e120522e3eaba050322a27bb5b337

    • Size

      4.5MB

    • MD5

      284e120522e3eaba050322a27bb5b337

    • SHA1

      619365bf2d89d676c938be3ca9ca985c93eb54ea

    • SHA256

      3941fc3809ec365eccc765a2ef3479cf8c4d3a5d65a35e0eef2a69a621ea4ea1

    • SHA512

      6a57c30153d6cdf146e90f92c818be8263d7c2e25bb907901ea1c2cd923bb24da8bdf802e3861858e1d85815cfd2b12848f9eb723e2349c2557b0deaead881ec

    • SSDEEP

      98304:SLrDerNYoAJnlLycth1mb1zmZwZvrmauoKAs:HN2JyKMbJmeZvqaE

    Score
    10/10
    redline@younotguddiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks