General
-
Target
h4844004.exe
-
Size
174KB
-
MD5
a8e109b7d6cb82b639033e43bbe8f8a8
-
SHA1
d1f0663ac1c8288b9961432169c849a1daf5b7a3
-
SHA256
67f1e12ea97aca4b5a9a264a094adbc04e499699d05ea54d90816d720ac122e6
-
SHA512
1268941f623b94d43db12cb001a4abdf98a7e839a08c52f6df867c88b61d72be85bf9855136684f60a92f6dac187c741f73fbbf35d0a71055935e4555e4e22e4
-
SSDEEP
3072:KiZIEVII0FNuHZOJpFLizeIkqffffffffffffffffffffffvfffffffffffffffm:KiVII0FNuHYIpffffffffffffffffff3
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
tuxiu
C2
77.91.124.82:19071
Attributes
-
auth_value
29610cdad07e7187eec70685a04b89fe
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
h4844004.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections