General
-
Target
0x000700000001271b-2324.dat
-
Size
168KB
-
MD5
70715fa28db305c7dc2f238fb1811541
-
SHA1
831f3c5fe85ce842aec1081214dc1b2193ea51cd
-
SHA256
aa042aaf5a74f1cf71efc40f3ac298007799519a98ef7f3f7beea1cf0ac7d897
-
SHA512
20c4f20499d85d8be3db5b96946a54fb021696587ba8bf5e50195863f28ca30b430d0513b0971dd8a7bdd9c484c5716f49e37cf863d826e3ef57768caf5c3c5c
-
SSDEEP
1536:jtHYp2QPnEqlVZRGWV50r1hJ2/xwMx9CgKKKKKKKKKKKKKKKKKKKKKKKOKKKKKK5:jto2Qf3qhUZvx9YqVEF9HIieJ98e8hQ
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
mars
C2
77.91.124.146:4121
Attributes
-
auth_value
1c0fd23750a42192aed327b088c4f852
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000700000001271b-2324.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections