General

  • Target: e7e77327ed18bc874f9d9a4505bb3f8d_JaffaCakes118
  • Size: 102KB
  • MD5: e7e77327ed18bc874f9d9a4505bb3f8d
  • SHA1: f3738f235a6b8f1cd6ae8ab93085a1b5a3010b71
  • SHA256: ac5101038b85495cd001412a2fcb93afd1bc29f69060463dc6f73ed422f9e888
  • SHA512: d65103afd4cffcf2c9bd2bf7c14a8aad43428d771cc45903720afaaeb8af01160ef8ef3b9a23c6d49f4f922e438e8ae7338867749277969baf2c4d278e045b84
  • SSDEEP: 1536:1WiM/y1okyf+IG5tJu6zIQBWbboe4FQkpyqzbNeMxyas8+TmeEYG62oqoigD:13M/mok++I47u6zUb1fkpy65xyaywij

Malware Config

Extracted

  • Family: redline
  • Botnet: @ancream
  • C2: 45.66.9.19:25061

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs: Checks for missing Authenticode signature.

Files

  • e7e77327ed18bc874f9d9a4505bb3f8d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86
    f34d5f2d4577ed6d9ceec516c1f5a744
