General

  • Target

    l0018271.exe

  • Size

    145KB

  • MD5

    1d0a8c298ca0d1a1b2fd8985312d9d8e

  • SHA1

    610b0415eb59b5aca7834b7c6210f004c2ee5ea3

  • SHA256

    1dfb6e526926ccf3b0ebbafa744cc906a2293921ee2d3dc5dd16f1149beea34e

  • SHA512

    d0550475a0b6786600d17d2a4f1ee99f7f8e5c88fb0e628c5732f369333cfb9a1991e683fef35fbbfa91b6c75ce2f58ba68e0fda25c02c655e925aa82115863f

  • SSDEEP

    3072:CV+m5cVQmRSxUV/vz6eBtdpPh3ZQ8e8hH:Cj4FnhJh3a

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

doma

C2

185.161.248.75:4132

Attributes
  • auth_value

    8be53af7f78567706928d0abef953ef4

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • l0018271.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744
