General

  • Target

    Nh139KH.exe

  • Size

    221KB

  • MD5

    bc8036f4fe483a7e02fd052a23de765d

  • SHA1

    430f1416934279303a78ca8121b7013ef09018ce

  • SHA256

    f46fe7c1752cf8321733098c318b1b68a647bcffe817fa57412a66d32ae15ed8

  • SHA512

    a3f30b7ae759e2ed9a78374b858d0a043f4f7df4a50f6c0953aa7f7e0ac76c4dab822cfe53a3cfb2247e6385a4d8a20f2f45ec5fd29202d1bec346241eb2eafe

  • SSDEEP

    6144:dWHOOQNgcKHCD2o/FdBa/xVs6CLlRXs1:dEHQNgcKHxo/FdMKRXs1

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

larek

C2

77.91.124.55:19071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Nh139KH.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

