Overview

overview

10

Static

static

3

JaffaCakes...3e.exe

windows7-x64

10

JaffaCakes...3e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_bac6df9f8ba7066a5844889797df913e

  • Size

    857KB

  • Sample

    250109-dqb1lawjhv

  • MD5

    bac6df9f8ba7066a5844889797df913e

  • SHA1

    ff7bebabd4c86efb31eaa28fa1114da8b12b6192

  • SHA256

    bf542c2fb48b6a244a0e7633fff42a896b6609d1c0f92ff3ad32d1b4508a0a4b

  • SHA512

    4f9d7627e6e7126ddbfdfe681cc6c6cfbe093f70ca166a1985f5d331c4ba599b0536cefc7ef727c567832098c42a8ea331fb5e524eda437bf4baf477a8f825e1

  • SSDEEP

    12288:WwdxXrGUAwh7guaSD5cG11bPxswsScDUja2kDGOXisFAncl79Xr2COrMj:XdxXLdgSGG1tPxsffKfu71W6

Score
10/10
redline@f0lserdiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

@F0lser

C2

5.188.118.163:80

Attributes
  • auth_value

    9bde7608ef33d6cbd8c01687cdd53196

Targets

    • Target

      JaffaCakes118_bac6df9f8ba7066a5844889797df913e

    • Size

      857KB

    • MD5

      bac6df9f8ba7066a5844889797df913e

    • SHA1

      ff7bebabd4c86efb31eaa28fa1114da8b12b6192

    • SHA256

      bf542c2fb48b6a244a0e7633fff42a896b6609d1c0f92ff3ad32d1b4508a0a4b

    • SHA512

      4f9d7627e6e7126ddbfdfe681cc6c6cfbe093f70ca166a1985f5d331c4ba599b0536cefc7ef727c567832098c42a8ea331fb5e524eda437bf4baf477a8f825e1

    • SSDEEP

      12288:WwdxXrGUAwh7guaSD5cG11bPxswsScDUja2kDGOXisFAncl79Xr2COrMj:XdxXLdgSGG1tPxsffKfu71W6

    Score
    10/10
    redline@f0lserdiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks