General

  • Target

    f601b4ced6697196df4f9680072a2fd8.bin

  • Size

    221KB

  • MD5

    f601b4ced6697196df4f9680072a2fd8

  • SHA1

    532fedae12bad2bafd33da72e632448087fa8a01

  • SHA256

    140237fe848a6240f04680f1cb5ed2e1a59a407376d487969e49b699502e67d5

  • SHA512

    66aa52bdae5f83de7e6b8c198a59e2e3319730fcd0ca95670fe0f29867d49500163b0be2bc9f88bea84074c113d62241c3f794c5298963055522d2f89e4bd9d3

  • SSDEEP

    3072:+Nv0S/yQKnhNgcoVQqw5TmJOXkXt/qYJanR1TaiV0VnCkMSH:+i4y5hNgcoVQJ5n0d/tanR1aQ0VnCkM

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kolyan

C2

77.91.124.82:19071

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f601b4ced6697196df4f9680072a2fd8.bin
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

