General

  • Target: 18851ac1b5161ebdb1b2cf9a9e69ffaa
  • Size: 289KB
  • MD5: 18851ac1b5161ebdb1b2cf9a9e69ffaa
  • SHA1: 7e1ad712092fa0244618d63cbc40ee0a905310bd
  • SHA256: 2cb5d586b1e5511df8134203c1533d3d49107f53c84156cb3f0083c9d75dd0b0
  • SHA512: eb3d79b17da3109d199d34ff4abe914551305e481e75b38f3fa9d87e67451898dea1e048655f6d7bc7522d2392fbcc145221128a9c2e183a296ed965f64f2436
  • SSDEEP: 3072:2xmocnUDJX69gbucyzd8SnvmMWmku5+GwZWtFchWdwL4Rzql:pnUF6yZy+Ygu+hItFA4Ru

Malware Config

Extracted

  • Family: redline
  • Botnet: NetFramework
  • C2: yonicathal.xyz:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 18851ac1b5161ebdb1b2cf9a9e69ffaa
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

