Overview

overview

10

Static

static

3

JaffaCakes...0d.exe

windows7-x64

10

JaffaCakes...0d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_5d1b43aa12e649d3e5c0c0e5613efc0d

  • Size

    4.6MB

  • Sample

    250107-maek8awqht

  • MD5

    5d1b43aa12e649d3e5c0c0e5613efc0d

  • SHA1

    09b2e41bd34ecbcf2695fcf0740241a46e047446

  • SHA256

    659da5421603ae2019fbe91da46bcc8cfb61ce264bfe95387b46a9af0169a39f

  • SHA512

    6dfaa547986d2ee938a693b70d926101cae7f87dfff20760bcb1615348c93a0eba41254b14e51ca8dec197991c84081097a46d4d056d347654b1de8c6ccce597

  • SSDEEP

    98304:8LaQiDWipdY7Kp0BDYHTAbAVqhz9AVB1q9Ij1oGKUZ37Cbvv7G/vot:xWQCs0BEzAcohz9ymIj1oGzZ37CbvkQt

Score
10/10
redline1975890990discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

1975890990

C2

94.26.248.120:63731

Attributes
  • auth_value

    ee8187fd574be73a935e073f8b5705eb

Targets

    • Target

      JaffaCakes118_5d1b43aa12e649d3e5c0c0e5613efc0d

    • Size

      4.6MB

    • MD5

      5d1b43aa12e649d3e5c0c0e5613efc0d

    • SHA1

      09b2e41bd34ecbcf2695fcf0740241a46e047446

    • SHA256

      659da5421603ae2019fbe91da46bcc8cfb61ce264bfe95387b46a9af0169a39f

    • SHA512

      6dfaa547986d2ee938a693b70d926101cae7f87dfff20760bcb1615348c93a0eba41254b14e51ca8dec197991c84081097a46d4d056d347654b1de8c6ccce597

    • SSDEEP

      98304:8LaQiDWipdY7Kp0BDYHTAbAVqhz9AVB1q9Ij1oGKUZ37Cbvv7G/vot:xWQCs0BEzAcohz9ymIj1oGzZ37CbvkQt

    Score
    10/10
    redline1975890990discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks