General

  • Target

    0x0007000000014c13-145.dat

  • Size

    127KB

  • MD5

    3a7672c0d0002621ffb756afab204616

  • SHA1

    e047757a76f8c9ee3c6e5af8068195d263b38bd0

  • SHA256

    3cbdedbfb28b0c6dbb28631b4e215fac48f965cb2c5843033ad8be0bcdda717c

  • SHA512

    b9c263d84ee5448de87537866854a8e751f7164548d66e9303e45f6736cd089d6a6e35a1883ce7ed70e1548c3bb4faed713f1f710f07d74a10fcb7888e6e6a6a

  • SSDEEP

    1536:fapcnVHT1e/ofspSm+fqpSmdsr/OfmtZ9hZjfubV7A/uprOsYgibfbFDKsRy:CpcZZU6ipSFrkm356OmZYgafJly

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @rocketprosupport1

  • C2

    104.211.55.2:80

Attributes
  • auth_value

    d3e217c2eab07f2abc41ade13a666e65

Signatures

  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0x0007000000014c13-145.dat
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

