General

  • Target: dec33498827be1da6e38e32f48a22216
  • Size: 277KB
  • MD5: dec33498827be1da6e38e32f48a22216
  • SHA1: 746f987bc12c1b24604f20b4b88220ab2edcc55e
  • SHA256: 59ba4b6da738ddfddeca97bce3947c20d939f1dab3d5474cae992b4afb4a810c
  • SHA512: 3a05ba69b4ce1d14683bf80ec8da85ecbac6bd227a8775ec2770eec22bfaa9720f80566fa6999effb9feeb90e7e0fe119eb7a98d361b6bcdb4258316960e2673
  • SSDEEP: 3072:1i86AdnW1vWQzJjF32zlyddmsv8o8j+pG+c9+i8yXjIXji:k7AdWHjBQy35LGN9L8yXjIX

Malware Config

Extracted

  • Family: redline
  • Botnet: Baslangic1
  • C2: 216.250.250.194:48541

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • dec33498827be1da6e38e32f48a22216
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744