General

  • Target

    e875863d0f72376bbec93d8420e3fa57_JaffaCakes118

  • Size

    106KB

  • MD5

    e875863d0f72376bbec93d8420e3fa57

  • SHA1

    7437367226068bcb9f393a99dd1d5cc1b9b40a1c

  • SHA256

    6c9fdcc1af87cbedcf7dd3945ec2715b483b8d34d28e8f8155e3c19a30005ba3

  • SHA512

    852abf3c1799e1aedb64248d06511569292ee2ce3293f627e943b3421a89504c74ee03ceacfe039bab40904cb28425d5e56a90322e4fba570d0b8a4dfb652143

  • SSDEEP

    1536:fxPQlbE9fuw8rAAhU/DmOPUnA0gCQjbuFGdRnQuyqdd0VLWOEEG6eRaoigM:5gE92wOX8DmOxRn3y4d0oJH8

Malware Config

Extracted

Family

redline

Botnet

Ayrelia1

C2

77.83.175.169:11490

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e875863d0f72376bbec93d8420e3fa57_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

