Overview

overview

10

Static

static

3

JaffaCakes...f6.exe

windows7-x64

10

JaffaCakes...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4be3a9e0248729cefa09a9b2b9601bf6

  • Size

    4.6MB

  • Sample

    250107-eekn2avmfp

  • MD5

    4be3a9e0248729cefa09a9b2b9601bf6

  • SHA1

    f8132d7a8471c234407bd690219289d695d4be2d

  • SHA256

    656e7fd45410adb4e4529e8fc8ce02a22a87a7d492573562e4eb557e6f2abe0a

  • SHA512

    b17db0ba2d80305d72562af1bf3a71c0be80670d7bc9e45fcae700020431bf2ebdddb9cc0355d568b735bcce52bb0f90a86a2b47059f487f6f928d5662bf0245

  • SSDEEP

    98304:3Lmwt3iDDTsfBbMNYn1Ody2FSgW9Yh1qiVhfLx/AcVC+OPbjp1tOYk8Bm2GRdZrE:oTKBMNOOclYhYib7VC+gb5k8Bf81

Score
10/10
redline@e0neeediscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

@e0neee

C2

185.209.22.181:29234

Attributes
  • auth_value

    5a0918bd3e8ede8e02c8dd9d106a996d

Targets

    • Target

      JaffaCakes118_4be3a9e0248729cefa09a9b2b9601bf6

    • Size

      4.6MB

    • MD5

      4be3a9e0248729cefa09a9b2b9601bf6

    • SHA1

      f8132d7a8471c234407bd690219289d695d4be2d

    • SHA256

      656e7fd45410adb4e4529e8fc8ce02a22a87a7d492573562e4eb557e6f2abe0a

    • SHA512

      b17db0ba2d80305d72562af1bf3a71c0be80670d7bc9e45fcae700020431bf2ebdddb9cc0355d568b735bcce52bb0f90a86a2b47059f487f6f928d5662bf0245

    • SSDEEP

      98304:3Lmwt3iDDTsfBbMNYn1Ody2FSgW9Yh1qiVhfLx/AcVC+OPbjp1tOYk8Bm2GRdZrE:oTKBMNOOclYhYib7VC+gb5k8Bf81

    Score
    10/10
    redline@e0neeediscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks