General

  • Target

    2b63c934475ba4c4bdb988f0f76edfaf

  • Size

    211KB

  • MD5

    2b63c934475ba4c4bdb988f0f76edfaf

  • SHA1

    32279705705b68656d11c690e85455df6a034c76

  • SHA256

    e7e2a6b03469fb8c542986035a5a67997e1afc3e78d93f267028db4672c68207

  • SHA512

    131bf3fe7a433e71a421bfc4b219fb44f040ab43d1f461d61dd99914a272fb96118e27876f35dcd4b7d23e58b613f7478d8491605161425d13b2f1300722cd59

  • SSDEEP

    3072:v9Z+PPf1rLJTVzqicaGlnjyjdWsYDcDZfl:utfJxzqiGhyIjQ1f

Malware Config

Extracted

  • Family

    redline

  • Botnet

    Pirmas Bild V2

  • C2

    159.69.210.57:31724

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • SectopRAT payload (1 IoC)
  • SectopRAT family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2b63c934475ba4c4bdb988f0f76edfaf
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
