General

  • Target

    02859a511c31f0ae405f30ae0f9cdd9a

  • Size

    107KB

  • MD5

    02859a511c31f0ae405f30ae0f9cdd9a

  • SHA1

    c1778deeb4511da7588f90abddf1a2e570ce39cd

  • SHA256

    80529ac515836ae01b3b2bf004112bdbb0c8ce8f8ec353f34110ab3a78ac91ec

  • SHA512

    c0a34c18de7b34dafbb8b782ff3f98281b2fc0d97f251279e1a5a52d798216e16bc26b2d2b60ed6275638e686a73aae77db73c830a8c7c43fba98e93457f580c

  • SSDEEP

    1536:qt9pmyfZB9pOgOEdOx08JJFw8LzqcnH0jbuqbdknMuyq+dJV4dDjEOG6qTaoig:4fZBDxO4V8fFjLDOnknjyjdJkYj

Malware Config

Extracted

Family

redline

Botnet

supertraff

C2

135.148.139.222:1494

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 02859a511c31f0ae405f30ae0f9cdd9a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

