General
-
Target
buildnewbuild.exe
-
Size
95KB
-
MD5
a71371d1a53f284a6421ba0022e00e91
-
SHA1
6de1622680d4eec098eaeec19bc4eeaefb4f8346
-
SHA256
645e55b1ed6e8bdfcf82bd2abf82cda4c3539c3639d850bdbd4602e3f4d6a638
-
SHA512
3e0560cd2bb9b5b83052654b099a7f46d6fc260e98e56bd535ec1cd50c6d5694c6d4cbf9ded03755373c2bdbfdee7418236f5defb7bdfefacc02776553231aa2
-
SSDEEP
1536:NqsIoqu3lbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed2PtmulgS6pIl:7Z1FYH+zi0ZbYe1g0ujyzd/I
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@ShadowCloud
C2
15.228.188.221:4483
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
buildnewbuild.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections