General
-
Target
0x000400000001fca6-183.dat
-
Size
168KB
-
MD5
b5bb62a0bccc899dd14bbd8592654e65
-
SHA1
92f402078fe2f1407572171ddd6e20b0c3c43b58
-
SHA256
59682f651afc24ece0f44d456db1ebc0d1457c89256e00c0cac9939241d1e66b
-
SHA512
29356966ee5c26580ad27daf90fbfac9a1a61c93149bc31295c1395e4a1cf0951a6dbc7a2359a996fa51d32ccd95fff8de8609c2930c9da7577c915645e5654b
-
SSDEEP
1536:/X+zuWWqhVZCGWuiaPcu8W6dDUcf3C8AOTGqVYhWbuVn3N0+Q784wYkI8e8hv:PGznR8WCDJ3t4qVYA43S+Q7t8e8hv
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
lider
C2
217.196.96.102:4132
Attributes
-
auth_value
86fd821be73f28dc4769ad612e92a599
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000400000001fca6-183.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections