General

  • Target

    fe19cdb149ecd8fd116f048852dcc10e46a3521351102685ce25c61a7d962a14

  • Size

    95KB

  • MD5

    0592c6d7674c77b053080c5b6e79fdcb

  • SHA1

    693339ede19093e2b4593fda93be0b140be69141

  • SHA256

    fe19cdb149ecd8fd116f048852dcc10e46a3521351102685ce25c61a7d962a14

  • SHA512

    37f2ff110b0702229b888280c8c2dff7885e6b1e583ccc47c36e74f44adfa491f70d6d6ab95d79149437d6fd9400448f1046eee3676ea98dffe99bc28e4783cb

  • SSDEEP

    1536:5qswOqJGlbG6jejoigIj43Ywzi0Zb78ivombfexv0ujXyyed2P5teulgS6p8l:X7uOYj+zi0ZbYe1g0ujyzdOi8

Malware Config

Extracted

  • Family

    redline

  • Botnet

    pixelnew2.0

  • C2

    194.49.94.11:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fe19cdb149ecd8fd116f048852dcc10e46a3521351102685ce25c61a7d962a14
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

