General

  • Target

    38d43a3a1f0bda152fdd683184cbc79aee1ce6f422fe7ac3841a8b8a6cca1b3a

  • Size

    95KB

  • MD5

    44b6f48a50be8b19b46773df9b712131

  • SHA1

    e0a322b47ec2744abeda531092483f54c038faf9

  • SHA256

    38d43a3a1f0bda152fdd683184cbc79aee1ce6f422fe7ac3841a8b8a6cca1b3a

  • SHA512

    095f4a5010c003ac657c075232b920e07400291666237027c472369e766c4a2e72a36b11909f2b701fbb6de511cec00912c2fd5741d0e4d28c42b399874c2526

  • SSDEEP

    1536:9HqsIEq76ElbG6jejoigIY43Ywzi0Zb78ivombfexv0ujXyyed2jtmulgS6pM:91d+68YY+zi0ZbYe1g0ujyzdjM

Malware Config (Extracted)

  • Family

    redline

  • Botnet

    @systemadminbd

  • C2

    172.86.101.115:4483

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 38d43a3a1f0bda152fdd683184cbc79aee1ce6f422fe7ac3841a8b8a6cca1b3a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
