General

  • Target

    50e028cead5a613978c91ced2d48c6c8.exe

  • Size

    400KB

  • MD5

    50e028cead5a613978c91ced2d48c6c8

  • SHA1

    f9252a5702dbbffc82f9b6d9f133cdc2d1a91355

  • SHA256

    2bf5be8c9b5e84d6eef09d6de968796a277ead7885cd96855f7637ddba987288

  • SHA512

    2bec275606e8facd66645fe45c01505e7e23314d1763e4ba0df4371593bc504f22cf8056824597aa64acd1de93e56eaaefecbf9b3fc0466c9906a02478239a76

  • SSDEEP

    6144:Nv0kF315GTFcbCW+Tnc5tjhAUcGIx0qa0Hv0CA02d0OyQR1N4GVU6M8qdS2vnTtz:Nv0a1j2Wj51lcK53U6CdSc2DLw

Score
10/10

Malware Config

Extracted

Family

privateloader

C2

http://163.123.143.4/proxies.txt

http://107.182.129.251/server.txt

pastebin.com/raw/A7dSG1te

http://wfsdragon.ru/api/setStats.php

163.123.143.12

Attributes
  • payload_url

    https://vipsofts.xyz/files/mega.bmp

Signatures

Files

  • 50e028cead5a613978c91ced2d48c6c8.exe
    .exe windows x86

    9734ba8626408cec04bb8fa7d8bb6e83


    Headers

    Imports

    Sections