General

  • Target

    decode_e215c54e22b71b909c6b03505a03b872679edbbf2609342ec9402515fb15ef57

  • Size

    174KB

  • MD5

    47a8c1df196bca5ad9a0978fb1bc6190

  • SHA1

    a7ab4e666c7eadd448895785caa54d7f430a98cd

  • SHA256

    826715c8c8488c93223f5eea64fa5d00638cb8bf040671486fbc2770340850d8

  • SHA512

    e542fa8bed58741f76ae8a83b5074b7159f091622f4cc86ce6613cf9c281f4c0fec2184565074ceece8696dd03c5ea02cb5dce88fe07fcf62e6440beee8b5248

  • SSDEEP

    3072:MZm+U1wq2I0rI7DEOGloe8QsW3E0aGdevJE8e8hx:8m+w2I0rI7D2zsW3E00vy

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Test

C2

52.152.223.228:1599

Attributes
  • auth_value

    b0d4c3cee275dd824d66e423268ee5f1

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • decode_e215c54e22b71b909c6b03505a03b872679edbbf2609342ec9402515fb15ef57
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

