General
-
Target
SHKCVJI.EXE.exe
-
Size
238KB
-
MD5
a91fec9ad52f7d12e35be7e580152675
-
SHA1
9e2d053ce3a70da4136a4a7745f4b04da134e7dc
-
SHA256
83716867ce29635da108fe727d026684d2d853b700edead2e201a38583995e40
-
SHA512
3255eeb07822d296fdfcc52b8bcf2bcc0c893b937aeb83cab50609afa116ae84912a6d1119058771e6462eeefafc1218e4dda2e7971ce8748f0dd7bb105c8e4c
-
SSDEEP
3072:B2KLTnYEQwKvxLrAm0FN+q2pGuhTMo1syKXLn6yujgrxphaAykPMRqT6Dv/Yieqi:IKm0/2gST98wjUxpQA9PMRqT6D4wLc
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
legendary
C2
195.20.16.103:20440
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SHKCVJI.EXE.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections