General

  • Target

    0x0007000000014fb5-78.dat

  • Size

    146KB

  • MD5

    07360cea1d6ed7318ff53befe54eabc0

  • SHA1

    96cedc618dced282e4240b0be1a5612f1038f918

  • SHA256

    deb91f5b31c89a61a107c8bb0b3e920144b6004ace7f16a3adb2b0fe07de7972

  • SHA512

    878209898d34dd55db49ee3ec1a1de6b465b40d65f002b795d3a44a0dd37fe8a6100a7202c66194d257016f4bc71782595ef889dc1ecda0ddf1735f3fabec8d2

  • SSDEEP

    3072:vV+m5cVQmRSx9WCEkEhPW67V8BjVhtZN8e8ht:vj4oihwlVht3

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

diza

C2

185.161.248.37:4138

Attributes
  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x0007000000014fb5-78.dat
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

