General

  • Target

    59fb7442592a9c032fbabad5a797fbde

  • Size

    96KB

  • MD5

    59fb7442592a9c032fbabad5a797fbde

  • SHA1

    c9477fc460b0b44c63c2a5f83a178c398b6a36fd

  • SHA256

    d34e796266410aff6fcad07b74545d3121bfc595cadef5370c01153b4dbf0047

  • SHA512

    5138015101bf38e436d9e1dc5c65f13e7a9b777b3849cbadfd8462b384a89cdf2e01a3b027545a3b1bbc1136c8814f4d8c54fdaf3fae3004966707b5ffc75500

  • SSDEEP

    1536:XHB+zRmEOBCoUi6HW+iGXgktM20VbN8FAh8xx+Ombf9Bo3HHTPyHddoh30txbIjf:XwzRmEVoUxW+iGXNtM2EuA8x+b1UHHbL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @bbakoch

  • C2

    185.186.142.55:10425

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 59fb7442592a9c032fbabad5a797fbde
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
