General

  • Target: 0a528439c12e9822060e4d470cfb2a72
  • Size: 98KB
  • MD5: 0a528439c12e9822060e4d470cfb2a72
  • SHA1: e3a1a423a179ec3ee494344091997329fb38dfb6
  • SHA256: 72b61f9477d238b49b75570dc71524ee1600169e1f0f7e1d20fcc4534b050f36
  • SHA512: bb513eecc49dd35337f945cc4b26b99afdcc7004ec28f3f43c9311c603517f454abad3d3dd7ee469c2007d4e6d5870eb6038754eab309e02aeda7f560bc650ac
  • SSDEEP: 1536:h3LNmocuV9hguGkYNYCsYYG1fKJFlsmbfexvWvvUyyedgw3bqCxXsEeG6ijoigW:hxmocYYNYHYXSJ/hgWvcyzdUSnZ

Malware Config

Extracted

  • Family: redline
  • Botnet: @design_stalkar
  • C2: 152.228.150.198:11188

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • 0a528439c12e9822060e4d470cfb2a72
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
