Extracted

• • Target

    JaffaCakes118_5801c11a8af174c11c10d3f8b61edfa8

  • Size

    2.3MB

  • MD5

    5801c11a8af174c11c10d3f8b61edfa8

  • SHA1

    5c8706cd7d6fde8f4df0931f84439dbc53a72c33

  • SHA256

    22224dbc9deb5666654ae9542ad626b6426c6cb0b34e02b5e75b4617941f8142

  • SHA512

    f2a3499201b32bd77f8906bc5653ab1632dea4f77cfbe6f4938b59e363c205feb29c3314a0f98eb3399ce79ea601569f7c8d234217a1d7e9878bb9572a5689a5

  • SSDEEP

    49152:M5+hFlLY4Xt9TdO14EQBg/GM/OxvBVjkQOtwtqpsSgxiz8lVHTIioOFZQ+c:M5aFlxPTdO14LBTnnjkdtwtq+BxiqZ7c

  Score

  10^/10

  redline@spoon_machine606060discoveryinfostealer

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2