General

  • Target

    file.exe

  • Size

    219KB

  • MD5

    be9bfb247d398e5b26ecf5902e3d7cd3

  • SHA1

    e63fd0950d3f7e48daa7aa1a32599416cf129cd2

  • SHA256

    ceebca425cadd0d8c37cd65a6d60f18189a168eda54c8d3ec4008e6a06d7e4a2

  • SHA512

    0c10fd9a4d8f7339788ac26a86b6917b8fbf9a717f2d94c586f0e3a0d30ff231c050592267817604e4f50a2317fc745c467472ae6c1c743e0a07bc882fc92ea9

  • SSDEEP

    3072:C/fwUo7gNgcRN6ePrlG/qVQTvOE9RSdPUT8Scwexwqa1KSF:C/fjo7gNgcDNrlG/j/90eT8SlUwqaI

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    PERSOM-1122

  • C2

    194.49.94.77:22888

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • file.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

