General

  • Target

    6262f030ef70b50f62a5557764af2af284e66938605461d91cdcc396a445041b.zip

  • Size

    52KB

  • MD5

    5cdf613c45397716827018ba02a07043

  • SHA1

    eb4be10f0b67ae31e99ff4c05f7ad741b495a17e

  • SHA256

    fa3f7ff4317a6956dc1b73c74ac9d632b8d539580e588b419caffecd9996a22b

  • SHA512

    728f7831ad117caeccc7eb088a51ab390107143dae5f50b2ac918388c5a2c639386378435d6c2d7135e4e0ded01c5af6e9cd28465f803214744a9c5e4602a337

  • SSDEEP

    1536:+DJ09PEK1LVW+rF0i0o+I8wJAnv/8cJ6+iSS1X:+ItJrmi8Qg/8U6fX

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

dimas

C2

185.161.248.75:4132

Attributes
  • auth_value

    a5db9b1c53c704e612bccc93ccdb5539

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6262f030ef70b50f62a5557764af2af284e66938605461d91cdcc396a445041b.zip (.zip)

    Password: infected

  • 6262f030ef70b50f62a5557764af2af284e66938605461d91cdcc396a445041b (.exe, windows x86)

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744
