General
-
Target
2084d28241ad256007d75d930e28361a.bin
-
Size
116KB
-
MD5
c15184c104a5ac52f5b2de7831576d5a
-
SHA1
5dd2f51355c959a4f3051b7cee33c55200c6d799
-
SHA256
69229c8f7959ec43e0d628f7dccf7025ade00e491289c195ef1da3086197ec9a
-
SHA512
42cb36aa5aa1d9ffcaefa48ce8148630d3f37a5a42373d906eba42861fe93af96b470c95a9fd37df1215565b24cee5a3346a92f14be8e5f8a5dafa0e6752b4ea
-
SSDEEP
3072:afABD6aR6cJRoNEg6X2n5Up6RWHya7feCv1Ecgp2b9E:zN6MNGNkZSxa7Z1E7Q5E
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
@cloudcosmic (https://cloudcosmic.store)
C2
87.121.105.175:14845
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2084d28241ad256007d75d930e28361a.bin
Password: infected
-
cfcb07d0c4e18c98cde36caa2ea5ee4f1617d05026b0845f87c6226d3a49c61c.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections