General
-
Target
0x0008000000013a47-68.dat
-
Size
168KB
-
MD5
9c16c91e425af23f808147c5d55310b9
-
SHA1
ea4ae44a4c3f010c76cde886bf28b1aeb0e0c0a1
-
SHA256
02f13fca76c34a9c7b284caeece6c8f76afb8662168e0071a3e62b3de98e9599
-
SHA512
5a6a903b9af2fc41c7de29b530adbbfdb14c378e7a06403a3ca24f77620523636862059636db623bd22587b5f1822fd5cbc2e68926ffa200ee86035fd6b12f1a
-
SSDEEP
3072:URhnnGhZsW6PqV4QQAtT33mPltVC+8e8hG:U3neO3aT33mPltVC+
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
diwer
C2
217.196.96.101:4132
Attributes
-
auth_value
42abfa9e4f2e290c8bdbc776fd9bb6ad
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x0008000000013a47-68.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections