General

  • Target

    553b4d54bdbce6e4b4396e0f0baaa60f

  • Size

    100KB

  • MD5

    553b4d54bdbce6e4b4396e0f0baaa60f

  • SHA1

    9ec803e209fee135233e6bc8e720fd9bdd67803a

  • SHA256

    97d79d7781e8431e76d4e8c7e0bd67dcf759c350799108ec8030ebb1291e8a4b

  • SHA512

    91405022c9ef9caf9b24374c77d9303ee1127422bfedbe23fab1cf2cec0a268e527cba8a65e99b2cf546117989a794940bfda9d83b9578ab07d3a43cd0949dff

  • SSDEEP

    1536:Oo6aG72CL0j8y8cadDCx9oZPbauhwFUgbue7v/uvNyAsdl/ketx5RELG6WAaoigt:OdxSCL0SueqJ3/ulyddDNWx9

Malware Config

Extracted

Family

redline

Botnet

@CyberPhish_mod

C2

45.14.49.109:54819

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 553b4d54bdbce6e4b4396e0f0baaa60f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

