General

  • Target

    0d6c91905b7d593f2ac9b035bf517d4c

  • Size

    100KB

  • MD5

    0d6c91905b7d593f2ac9b035bf517d4c

  • SHA1

    3477d2817edaa4ce5b35b6d4a58721218205929d

  • SHA256

    d0f4a657b018b7d3911f5905d1514a327ec2621723a3157b61a821f72f669d33

  • SHA512

    499ea9f967fbfa1ddcf2b3d539f44a40f0db2d410815f719a66a947dddc89b6953ea9cf6b84e167472055c6f75e978f0ff117ded0012fbf3d97302e9ed90f6a1

  • SSDEEP

    1536:lo6aG7zCw2lkfcDa+YVoJHWcauhwWcgbue7v3uvNyqsdZletx5REDG6WAaoigi:ldx/Ci0/EuB33ulybd+NWpS

Malware Config

Extracted

Family

redline

Botnet

@desssiredd

C2

185.224.132.232:64354

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0d6c91905b7d593f2ac9b035bf517d4c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

