General

  • Target

    16bf4653dfc06b85e7d34cb5cfe62717

  • Size

    173KB

  • MD5

    16bf4653dfc06b85e7d34cb5cfe62717

  • SHA1

    35ca16cdb661f6978815efc8c8a2ae0fbddcb733

  • SHA256

    6038860aefedc84fdafe7d693ea6fa63147be5e3a43dd96e20adf377811c5d30

  • SHA512

    0717f23056515b18f627496c309c22bfc76da5b61f2730a320fa8584ad0fb5ed47a8695ad255bc8635cdd379d2313cb141466e86ae0b639c33772fe2177fa35f

  • SSDEEP

    1536:8t9pmEJnCKOAD3dOlbi2JKnJbpNjbuqGd0AMuyq+d0+7dDjElG6qTaoigQwY8ls:CTnCK1DtCbi2AHhG0Ajyjd0iY428ls

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

1.22

C2

95.211.185.27:42097

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 16bf4653dfc06b85e7d34cb5cfe62717
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
