General

  • Target

    5b2efc41e60b436ff9bce0ae4f8fd30a

  • Size

    100KB

  • MD5

    5b2efc41e60b436ff9bce0ae4f8fd30a

  • SHA1

    611ddf0b6cb01edd77969925d242c7d0685e9750

  • SHA256

    5179b913e59a263bae49cb3ddd5fe79269a2796537fe675767264dd30ffa0a38

  • SHA512

    f11221368d0fb5119638de6460a65446c2e333336115b78d11c3824ff524ed02a81bf47591606bcc47e141754d0887fcc11fb1e9cb640df3fbbda803f4efa9e3

  • SSDEEP

    1536:RTo6aGLKC7i2RHZVeb5N9HSBoh5TAauswsgbue7vduvNyAsdBdetx5RE7G6WAaof:ddxGCD3MbZHtZDi3dulyddONWh9

Malware Config

Extracted

Family

redline

Botnet

mongol

C2

softwarebeast.live:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5b2efc41e60b436ff9bce0ae4f8fd30a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
