General

  • Target

    f20eb5cba941fcc43e5e9785ac29b49b_JaffaCakes118

  • Size

    100KB

  • MD5

    f20eb5cba941fcc43e5e9785ac29b49b

  • SHA1

    8a2a4b08c9089eb1a8fca9984434ae7afd4d6856

  • SHA256

    05792dac2f51354fbad1eb9b838ddf29171e4e2677c5c250a190f62e70d4a7f2

  • SHA512

    3168cd52b18ec8074158b17d69f8ba5024f213502c069124a9e7ec1922662991b11725387de82296e1fdc50fa502a5e8548d0973b95a74935d812411c2958d90

  • SSDEEP

    1536:Am386AEAMu+BA5egJ1jzMOQz77zgbue7vBUvNyAsdglQi1xQeTEaG6WAaoigm:Ai86AdrZrQz7A3BUlyddIsvIW

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @easyragu

  • C2

    45.67.231.221:42619
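
The hashes in the General section and the C2 endpoint in the extracted config are the IoCs a responder would sweep for. The following added example (not part of the sandbox report, and not code from the RedLine operators or any tool the report uses) shows a hunt using exactly those values: it hashes candidate files with the same four algorithms the report lists and compares against the report's digests, and it scans connection-log lines for the C2 host and port. The log lines and the file contents are constructed here for demonstration; the SSDEEP value is not matched because fuzzy hashing needs the ssdeep library rather than the standard library.

```python
import hashlib
import re

# Digests copied from the report's General section for this sample.
SAMPLE_HASHES = {
    "md5": "f20eb5cba941fcc43e5e9785ac29b49b",
    "sha1": "8a2a4b08c9089eb1a8fca9984434ae7afd4d6856",
    "sha256": "05792dac2f51354fbad1eb9b838ddf29171e4e2677c5c250a190f62e70d4a7f2",
    "sha512": (
        "3168cd52b18ec8074158b17d69f8ba5024f213502c069124a9e7ec1922662991"
        "b11725387de82296e1fdc50fa502a5e8548d0973b95a74935d812411c2958d90"
    ),
}
# C2 endpoint from the extracted RedLine config.
C2_HOST = "45.67.231.221"
C2_PORT = 42619


def hash_file_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists, hex-encoded."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def matches_sample(data: bytes, known: dict = SAMPLE_HASHES) -> list:
    """Return the names of every algorithm whose digest of `data` matches the known set."""
    digests = hash_file_bytes(data)
    return [alg for alg, h in known.items() if digests[alg] == h.lower()]


_SEP = re.compile(r"[\s:,]+")


def find_c2_connections(log_lines, host: str = C2_HOST, port: int = C2_PORT) -> list:
    """Return log lines where the C2 host is immediately followed by the C2 port.

    Tokenising on whitespace, ':' and ',' handles 'ip:port', 'ip port' and
    tab-separated formats (e.g. Zeek conn.log columns) without a per-format parser.
    """
    hits = []
    for line in log_lines:
        tokens = _SEP.split(line.strip())
        for a, b in zip(tokens, tokens[1:]):
            if a == host and b.isdigit() and int(b) == port:
                hits.append(line)
                break
    return hits


# Constructed sample log lines (not from the report): a proxy CONNECT to the C2 port,
# a firewall entry to the same host on a different port, and a Zeek-style tab record.
CONSTRUCTED_LOG_LINES = [
    "2024-05-01T12:00:01Z proxy CONNECT 45.67.231.221:42619 from 10.0.0.15 user=alice",
    "2024-05-01T12:00:02Z fw ALLOW tcp 10.0.0.15:51234 -> 45.67.231.221:443",
    "1714564803.12\tCabcd\t10.0.0.22\t50111\t45.67.231.221\t42619\ttcp",
]

if __name__ == "__main__":
    for line in find_c2_connections(CONSTRUCTED_LOG_LINES):
        print("C2 hit:", line)
    print("hash matches for a non-sample file:", matches_sample(b"not the sample"))
```

The second constructed line is deliberately not reported: the config pins the C2 to port 42619, so a connection to the same host on 443 should be reviewed by hand rather than auto-tagged as this sample's beacon.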

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature. Absence of a signature is only a weak indicator on its own, and a present signature would still need to be verified, not just detected.
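
The "Unsigned PE" signature is a presence check on the PE's security data directory. As an added example (not the sandbox's own rule logic), the following Python locates IMAGE_DIRECTORY_ENTRY_SECURITY from the PE headers and reports whether a WIN_CERTIFICATE of type PKCS_SIGNED_DATA is attached. The minimal PE32 images are constructed in the block for testing; the attached certificate blob is a placeholder, not a real PKCS#7 structure, so this code can only say a signature is present, never that it verifies or chains to a trusted signer.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe: bytes):
    """Return (file_offset, size) of the security directory, or (0, 0) if absent.

    Unlike other data directories, this entry holds a raw file offset, not an RVA,
    because the certificate table is not mapped into memory.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (size_opt,) = struct.unpack_from("<H", pe, coff + 16)   # SizeOfOptionalHeader
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic == 0x10B:      # PE32
        n_rva_off, dirs_off = 92, 96
    elif magic == 0x20B:    # PE32+
        n_rva_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (n_dirs,) = struct.unpack_from("<I", pe, opt + n_rva_off)  # NumberOfRvaAndSizes
    entry = opt + dirs_off + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
    # Guard against headers that declare fewer directories than index 4 needs.
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_opt:
        return 0, 0
    return struct.unpack_from("<II", pe, entry)


def has_authenticode_signature(pe: bytes) -> bool:
    """Presence check only: True if a WIN_CERTIFICATE of PKCS_SIGNED_DATA type is attached."""
    off, size = security_directory(pe)
    if size < 8 or off + size > len(pe):
        return False
    length, _revision, cert_type = struct.unpack_from("<IHH", pe, off)
    return cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= size


def build_test_pe(signed: bool) -> bytes:
    """Constructed minimal PE32 (no sections) used only to exercise the checks above."""
    opt_size = 0xE0                      # PE32 optional header with 16 directories
    hdr_end = 0x40 + 4 + 20 + opt_size   # where an appended certificate table starts
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)   # Magic = PE32
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes
    cert = b""
    if signed:
        # WIN_CERTIFICATE header followed by a placeholder blob (not real PKCS#7 data).
        cert = struct.pack("<IHH", 8 + 16, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\x30" * 16
        struct.pack_into("<II", opt, 96 + IMAGE_DIRECTORY_ENTRY_SECURITY * 8, hdr_end, len(cert))
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, opt_size, 0x0102)  # i386, EXE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert


if __name__ == "__main__":
    for flag in (False, True):
        print("signed" if flag else "unsigned", "->", has_authenticode_signature(build_test_pe(flag)))
```

To go from "present" to "valid" on a real sample, hand the file to a verifier such as osslsigncode or PowerShell's Get-AuthenticodeSignature; a stealer shipping with a stolen or revoked certificate would pass this presence check and fail there.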

Files

  • f20eb5cba941fcc43e5e9785ac29b49b_JaffaCakes118

    Type (as reported): .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
