General

  • Target

    0x000a00000001586f-118.dat

  • Size

    173KB

  • MD5

    61debb538fba467f2373b9dc75bb4077

  • SHA1

    a643a031b03ba453d66507850129753003d9e472

  • SHA256

    aabae4daa8210910cf9af0ec230951a281788c978630e892447ba26295b3ebca

  • SHA512

    59136d7c7f00a4d9b119ef9b2e4cd031276168c0fff9be8f364f64906f7156115d7445931ee2507fe97a24ed3f666edec26179bdce48a05df660fcbfb864af91

  • SSDEEP

    3072:P2mFIM+HRpvScF2KqxNH6HJ5blkL9pkRTf8e8hH:P23RkcF2KCmblkL9pkRTf

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

zahar

C2

77.91.68.56:19071

Attributes
  • auth_value

    94c55a31fcf1761f07eeb4a0c6fb74fa

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0x000a00000001586f-118.dat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

