Overview

overview

10

Static

static

3

JaffaCakes...ac.exe

windows7-x64

10

JaffaCakes...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4c9b9e15eedcd8d1b8b24015531b8bac

  • Size

    367KB

  • Sample

    250107-epdy8stlay

  • MD5

    4c9b9e15eedcd8d1b8b24015531b8bac

  • SHA1

    e8d11a0da7026767e7f6ff166e317aac817e4a10

  • SHA256

    c36705f62775d43853517c3c43763595a92adb0d0fa1fd2f59d3d55748b872a1

  • SHA512

    c9e375f2372204e3f48537e18fd9a77a9c159f06e80d20c0c8d4b9ef2704ca476736c9a0a5056a3bc330c1b5b7a09a73da1b988cf69b494f9fc95a045a88ee56

  • SSDEEP

    6144:dpASCddBafIMkEp40Q5dZiOc+DLhAjNdZII/fbG85w0Z8MvkiX:J8ppV0Q5XbD9EXZII/fhw0Z1BX

Score
10/10
redlinesectopratsewpalpdiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

sewPalp

C2

185.215.113.29:24645

Attributes
  • auth_value

    41d3df6d093b1e36993abf16af0d6f2d

Targets

    • Target

      JaffaCakes118_4c9b9e15eedcd8d1b8b24015531b8bac

    • Size

      367KB

    • MD5

      4c9b9e15eedcd8d1b8b24015531b8bac

    • SHA1

      e8d11a0da7026767e7f6ff166e317aac817e4a10

    • SHA256

      c36705f62775d43853517c3c43763595a92adb0d0fa1fd2f59d3d55748b872a1

    • SHA512

      c9e375f2372204e3f48537e18fd9a77a9c159f06e80d20c0c8d4b9ef2704ca476736c9a0a5056a3bc330c1b5b7a09a73da1b988cf69b494f9fc95a045a88ee56

    • SSDEEP

      6144:dpASCddBafIMkEp40Q5dZiOc+DLhAjNdZII/fbG85w0Z8MvkiX:J8ppV0Q5XbD9EXZII/fhw0Z1BX

    Score
    10/10
    redlinesectopratsewpalpdiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks