General

  • Target

    1f0367d111722957a4f684e18e04a931.bin

  • Size

    120KB

  • MD5

    1f0367d111722957a4f684e18e04a931

  • SHA1

    b3f5dda29b9bd8cbc27d316301bc21e4e88ae4cb

  • SHA256

    2f78914df87d2885233964ff18e0463f3e907750a39e868bf5de5d281071b3c7

  • SHA512

    8d17fb2f895cfe5259b685c9efb501bd2ba48cbfe4c70f2085815f5a227cbf0d7f75317b2c7bb027528c5a38dc4d079c4200987b2d0c18155eaf6949d848b6b9

  • SSDEEP

    1536:YG6ijoigHEqO1RUTP/IAo60igR4vYVVlmbfaxv0ujXyyedOG34ywEEd:2QEL/u6ORUYos0ujyzd+d

Malware Config

Extracted

Family

redline

Botnet

@ZharkBotnet

C2

91.92.247.161:11861

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1f0367d111722957a4f684e18e04a931.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744