General

  • Target

    26bbac4c14a71ad655095ece919f293d

  • Size

    100KB

  • MD5

    26bbac4c14a71ad655095ece919f293d

  • SHA1

    b7e335d6a20f47ca7566cff05f13e0b8e6ec797e

  • SHA256

    042c64db7229efa2a0283ddd7acc93e547912923cbf5befc59c51b81bf995e04

  • SHA512

    19d9da7279f73e54a790b105a9aa14ec926feeb030098b4d9a16af998a319a1a33be13cd20696227109d2e5e72ff900a0cc0fd0c4ab6526cebc48e39fe260fed

  • SSDEEP

    1536:Om386AEAe51BZMmKMQeVJQJ1CSCoa7Qz27egbue7vJuvNyAsd4ji1xQeTEmG6WAk:Oi86Ad+122HYa7Qz2L3Julydd5svkk

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @Yuki4onna

  • C2

    77.220.214.232:13459

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 26bbac4c14a71ad655095ece919f293d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
