Overview

overview

10

Static

static

10

50ccb56f48...c2.exe

windows7-x64

50ccb56f48...c2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    50ccb56f485630a5751e47350ebc34c2

  • Size

    111KB

  • MD5

    50ccb56f485630a5751e47350ebc34c2

  • SHA1

    2a7c455d2df0f36bcdfcbd7d50418be9fa045e28

  • SHA256

    8dc5e886bebaf138f3011ee5d96639ed6511b33e1937adcefc4194daf028ed23

  • SHA512

    de076f60649cc09192168838f79ecf0e0d59068a33d76ae062046e3c3186720074b5a60fd18658832f8c64cac6cd289cfedda4d8b21825386c6b29ea70a4d9b9

  • SSDEEP

    3072:fDcngwl3q+DuUOj1xZ6rspnYDfnzyAdpkq:7fXQ4BQryik

Score
10/10
@lunnayanredlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

@Lunnayan

C2

141.94.188.138:46419

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 50ccb56f485630a5751e47350ebc34c2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections