General
-
Target
iamdlzkgy.exe
-
Size
214KB
-
MD5
e25e3ffa8c7477d24baaa2de8fce7da5
-
SHA1
7ccde7e55ec72c9859b96d17f19c6c89656d2696
-
SHA256
94fca89e71f396bf1fd8f97ab027d6f64d443f6e3b8bc6ff259604401f78416b
-
SHA512
2741248bd068bfb52659ad908e7250d09c56a30344cdb2d7752752b5765ed3f1c95d80039ee3985ecb16ba5d98897720f52e05dfcdfa586b5c4d1d8a9014244e
-
SSDEEP
3072:22JLXfYoQk+nJLMbI7NKeiZixKMD4UydbXcnDaAxKR5AgkVMRqT6Dv/YCeqiOL:7NbIEn1bMZxKPAXVMRqT6D4QL
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@Pixelive
C2
195.20.16.103:20440
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
iamdlzkgy.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections