General

  • Target: 2c5a75b7d24847bc5d206adb5c630a18.bin
  • Size: 43KB
  • MD5: 73239ef2c5e1998bdeae5e22b4bda931
  • SHA1: 64e32e3ae3e25adf3aab79c9af7edc2ec10d6a6a
  • SHA256: 06562e93ab110719c2267db3d61924930829bf936c069ab83aad153764eb2eee
  • SHA512: bfe7b75c37eacadb390f6222d58d005d46f4d7cdca9b81d22842a2229b09eeee6ec5d429db5b76231b038629f478c451a10f2a0c3a64f47450d64e848ce47273
  • SSDEEP: 768:4Zg+L9jtXV6TDKYurFL0/uHtWRnyLyzzl8lQqY57I8jFOkQ9wSEpjEscaD:4ZgS9B9Lpk/Clik8jFOkQDEpjEsj

Malware Config

Extracted

  • Family: redline
  • Botnet: crypto
  • C2: 163.123.142.235:61068

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs: checks for missing Authenticode signature.

Files

  • 2c5a75b7d24847bc5d206adb5c630a18.bin (.zip; password: infected)
  • dd09828ffbfdd784f83cac83641b8a0c3ca04b76becabb0ab5d170ad1bc169a7.exe (.exe, windows x86; password: infected)

    f34d5f2d4577ed6d9ceec516c1f5a744
