General

  • Target

    s3849498.exe

  • Size

    174KB

  • MD5

    e4977fcf6ed2ae482f62b221167467b0

  • SHA1

    84b8d4ae97fc9e995e1c30f43543b2ba80ae4b9b

  • SHA256

    e2ccca7a7c97ffad300bcd37686796b903cccc96197957347e72711c7e6ba738

  • SHA512

    31289ec9565768ee72a9157848c3c7fa6ecd55b9ef739fab5019d1941e4738118450ee74cedf71e6197d6f8bb5eb5ef1d15ef0c39c67480cfbe75a3caf33f58a

  • SSDEEP

    3072:WFQKcZz8I0G8rlinnOgoLC+Vd2hE0MA9iL2GJg8e8hG:qQp8I0G8Ji68hE0IL2GG

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

jang

C2

77.91.124.82:19071

Attributes
  • auth_value

    662102010afcbe9e22b13116b1c1a088

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • s3849498.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

