General

  • Target: f404b116552d8b8ed25051c2ce6e789f_JaffaCakes118
  • Size: 100KB
  • MD5: f404b116552d8b8ed25051c2ce6e789f
  • SHA1: 6e6e6376954ab79bf659a3e08ca9481615aa1f76
  • SHA256: 63e7269386a29ac6638f675af2e7daf2d0d52b6522ebe3af6407efd5a83de7ab
  • SHA512: 88efae90ee6a973c301e58e38cc3809b7596ade928e778d058ac6b4aab780010f595288cbdca932d869bee4af3adcbdbff70a5f7af3a32df7f7b83ba33e8dbec
  • SSDEEP: 1536:Hm386AEAuDlgBns/sEy1yP4Wiy6oSmQz+7evgbue7vbuvTyAsdnDi1xQeTEaG6WJ:Hi86AdQ2buP7SmQz+qI3bu7yddWsvI0

Malware Config

Extracted

  • Family: redline
  • Botnet: Bugatti
  • C2: 45.88.3.176:17033

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs: Checks for missing Authenticode signature.

Files

  • f404b116552d8b8ed25051c2ce6e789f_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
