General

  • Target

    3565c5fa320c8bd08c43c6b365a9d58d.bin

  • Size

    4.0MB

  • MD5

    3565c5fa320c8bd08c43c6b365a9d58d

  • SHA1

    aa0b98898939b8648184835dcdd5175c8a336a56

  • SHA256

    d871e820b810ed4a53f01ae796a4a4e8893a0e78fb6ed8f6d239f9a7cfffbc05

  • SHA512

    d6f55fb220e1b827deeb292b724781e1c5a5f0d972798456af5cbaab22f58878e40ce191c94afe02c2a67bac2655e0d0c1b38b202a8ac67e7dedc516901edd2e

  • SSDEEP

    98304:xL7VzpoU8VtQYs6g8QptYUQPtVNfJ8QQkLgk2V5:d3l8QG9Sugk2L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

Alenus

C2

77.232.38.234:80

Attributes
  • auth_value

    b688448c1e9d017b627197d82c4d562f

Signatures

  • Redline family
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
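The two generic signatures above can be reproduced locally without the sandbox. The following is an added example, not the sandbox's own rule logic and not code from the RedLine sample: it parses the PE headers with the standard library only, reports the machine type (which for this sample should come back as x86, matching the file type shown below), treats the file as unsigned when the security data directory (the certificate table) is absent or empty, and flags the section names Themida/WinLicense are commonly observed to emit. That section-name list is a heuristic assumption of this example; the sandbox's Themida detection may use other indicators. The constructed PE32 headers used for the self-test are not a real sample.

```python
import struct

# Data-directory slot that holds the Authenticode certificate table.
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_FILE_MACHINE_AMD64 = 0x8664

# Section names commonly seen in Themida/WinLicense-protected binaries.
# Heuristic assumption of this example, not the sandbox's detection rule.
THEMIDA_SECTION_NAMES = {b".themida", b"themida", b".winlice"}


def parse_pe(data: bytes) -> dict:
    """Parse just enough of a PE file to reach the data directories and section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: directories start at +96, count at +92
        dd_start, nrva_off = opt + 96, opt + 92
    elif magic == 0x20B:    # PE32+: directories start at +112, count at +108
        dd_start, nrva_off = opt + 112, opt + 108
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    nrva = struct.unpack_from("<I", data, nrva_off)[0]
    dirs = [struct.unpack_from("<II", data, dd_start + 8 * i) for i in range(nrva)]
    sec_table = opt + opt_size
    names = [data[sec_table + 40 * i:sec_table + 40 * i + 8].rstrip(b"\0")
             for i in range(nsections)]
    return {"machine": machine, "data_directories": dirs, "section_names": names}


def has_authenticode(pe: dict) -> bool:
    """Unsigned PE check: certificate table directory missing or empty.
    For this slot the 'VirtualAddress' field is a raw file offset, not an RVA."""
    dirs = pe["data_directories"]
    if len(dirs) <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    offset, size = dirs[IMAGE_DIRECTORY_ENTRY_SECURITY]
    return offset != 0 and size != 0


def looks_themida_packed(pe: dict) -> bool:
    """Themida packer check by section name (heuristic, see THEMIDA_SECTION_NAMES)."""
    return any(name.lower() in THEMIDA_SECTION_NAMES for name in pe["section_names"])


def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    arch = {IMAGE_FILE_MACHINE_I386: "x86",
            IMAGE_FILE_MACHINE_AMD64: "x64"}.get(pe["machine"], hex(pe["machine"]))
    return {"arch": arch, "signed": has_authenticode(pe),
            "themida": looks_themida_packed(pe), "sections": pe["section_names"]}


def build_minimal_pe(section_names, cert_size=0) -> bytes:
    """Constructed PE32 header for testing (not a real sample): just enough for parse_pe()."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                          # e_lfanew
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(section_names),
                       0, 0, 0, 224, 0x0102)                       # EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = bytearray(224)                                           # PE32: 96 fixed + 16 directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    if cert_size:                                                  # populate the certificate table slot
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, cert_size)
    secs = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        print(triage(f.read()))
```

Run it as `python pe_triage.py 3565c5fa320c8bd08c43c6b365a9d58d.bin` after confirming the file's SHA256 matches the value in the General section. A populated certificate table only means a signature blob is present; it says nothing about whether the signature is valid, so treat `signed` as "has a signature to verify", not "trusted".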

Files

  • 3565c5fa320c8bd08c43c6b365a9d58d.bin
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744
