General

  • Target

    55b479fbd7f86bc5aa7ead2d0c07eb9e

  • Size

    96KB

  • MD5

    55b479fbd7f86bc5aa7ead2d0c07eb9e

  • SHA1

    f2cd08a43aed4390ea691dbbd1cdb82faff43c97

  • SHA256

    b286ae21f7b64b9284d291183fe08fa51e7ec6f2d20dcb19a6a1be66336eb27b

  • SHA512

    02b147e24c5391f15c0fa37f18816106aae47785bf85b363bf0f383af761f8b0daa92d632e090a3d752ccaa664fab3b492c37e88904bd039c5216bc25e893e8e

  • SSDEEP

    1536:Gm386AEAVv6BjsvcHFs7IRjIQzg73Kgbue7vhuFNyAsdOKi1xQeTEGG6WAaoig:Gi86AdtWfFGQzgDD3hunyddWsvE

Malware Config

Extracted

Family

redline

Botnet

5k_COSMO

C2

45.14.49.117:14251

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
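The "Unsigned PE" signature above only asks whether the file carries an Authenticode signature at all. The following is an added example, not the sandbox's own detection logic and not code from this report, showing where that check looks: data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) of the optional header, whose first field is a raw file offset (not an RVA) to a WIN_CERTIFICATE table wrapping the PKCS#7 blob. The header-only PE images it builds are constructed purely for the self-test; they are not the analysed sample, and the function and constant names are this example's own.

```python
"""Locate (but do not validate) the Authenticode signature in a PE file.

PE/COFF layout facts used:
  - e_lfanew at offset 0x3c points at the "PE\0\0" signature
  - COFF header is 20 bytes; SizeOfOptionalHeader sits at COFF offset 16
  - optional-header magic 0x10b = PE32, 0x20b = PE32+
  - data directories start at optional-header offset 96 (PE32) / 112 (PE32+),
    preceded by NumberOfRvaAndSizes; entry 4 is the security directory
"""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002   # wCertificateType for Authenticode


def find_security_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, (0, 0) if absent."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:
        dir_base = opt + 96
    elif magic == 0x20B:
        dir_base = opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, dir_base - 4)[0]
    entry = dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + opt_size:
        return (0, 0)                       # header too short to carry entry 4
    return struct.unpack_from("<II", data, entry)


def authenticode_status(data: bytes) -> dict:
    """Classify a PE as unsigned / signed / malformed.

    "signed" only means a WIN_CERTIFICATE of type PKCS_SIGNED_DATA is present;
    the blob still has to be verified against the Authenticode hash and a
    trusted chain (signtool, osslsigncode), which this check deliberately
    does not attempt. Attackers ship self-signed and stolen-cert binaries.
    """
    off, size = find_security_directory(data)
    if off == 0 or size == 0:
        return {"status": "unsigned", "offset": 0, "size": 0}
    if size < 8 or off + size > len(data):
        return {"status": "malformed", "offset": off, "size": size}
    length, revision, cert_type = struct.unpack_from("<IHH", data, off)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or length > size:
        return {"status": "malformed", "offset": off, "size": size}
    return {"status": "signed", "offset": off, "size": size, "revision": revision}


def build_minimal_pe32(cert_blob: bytes = b"", size_override: int = None) -> bytes:
    """Constructed test fixture: a header-only PE32 image (no sections, never
    runnable) with an optional WIN_CERTIFICATE table appended and entry 4
    pointed at it. size_override lets a test claim a bogus table size."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                         # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 224, 0x0102)  # i386, opt hdr 224 bytes
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                             # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                               # NumberOfRvaAndSizes
    header = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    if not cert_blob:
        return header
    table = struct.pack("<IHH", 8 + len(cert_blob), 0x0200,
                        WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_blob
    image = bytearray(header + table)
    entry = 0x40 + 4 + 20 + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    claimed = len(table) if size_override is None else size_override
    struct.pack_into("<II", image, entry, len(header), claimed)
    return bytes(image)


if __name__ == "__main__":
    # Usage: python authenticode_check.py sample.exe
    with open(sys.argv[1], "rb") as fh:
        print(authenticode_status(fh.read()))
```

Run it against a sample to reproduce the sandbox's "Unsigned PE" verdict; a "signed" result is the point at which real signature verification should begin, not end.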

Files

  • 55b479fbd7f86bc5aa7ead2d0c07eb9e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744