General
-
Target
tmp
-
Size
95KB
-
MD5
3d3801f8399c6bfdb21aa43fa13858b2
-
SHA1
5d248e17c0612f5ae934ec1cc3d03237e54b42db
-
SHA256
0666711e9a77267cfc9aade6b6cbb75382c2730adc6add471dfbfaf34cf79c9f
-
SHA512
d4dab5ce4a55f3dcb9b200a763858121e75d83a7a857bf086fe24225c1e81c000a347863e5a71177372e00b68dee04497946625f3741f22ab87cb64e8135f5a5
-
SSDEEP
1536:Fqs8aq+A/lbG6jejoigIP43Ywzi0Zb78ivombfexv0ujXyyed2OteulgS6pQl:DDZeYP+zi0ZbYe1g0ujyzdmQ
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
Invoice
C2
147.124.213.118:50826
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
tmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections