General
-
Target
invoice.bin
-
Size
112KB
-
MD5
578dc07205862f326dcbb041da536c8a
-
SHA1
ef0f065c5cfaadf919dc1a0b12d12a51666a65b0
-
SHA256
feceeb3afd874c734589e961c57c0d722298d0952c3e436606724b7632fb5914
-
SHA512
34fe9798de82d927a7c0ca23a48457e57f502771fdf016a7ed11e508213fe2d9ade29d96923aa28eca006e7897b910850d8d8650beb031497a34313d511f697c
-
SSDEEP
1536:UqsChaqpalbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2EtmulgS6pH/E2f:SoaKaYP+zi0ZbYe1g0ujyzdYfE2
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
Bitcoin
C2
87.121.221.106:44002
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
invoice.bin
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections