Overview

overview

10

Static

static

10

f6f4de7364...18.exe

windows7-x64

10

f6f4de7364...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f6f4de736422e2ce52eaf99b41edfe32_JaffaCakes118

  • Size

    100KB

  • MD5

    f6f4de736422e2ce52eaf99b41edfe32

  • SHA1

    58d48b7dbb9ce26dd3ee483c44322aa2beffea81

  • SHA256

    ee634bdc72e1a5b57eb1f7d42e5d0a4b7c9b1f7aa53a1f53564bf4ff5c74361a

  • SHA512

    c9cfe4d0140e14ba711a421a55ae25c2c062b826c91be8fcc648d95c8b577a756e9d6c1e14c807003149c6f50803ba0d19fde1ebcc6011ad3766796fa94de831

  • SSDEEP

    3072:vi86Ad2ay0doguEQzpNK+ulydd6svxev:q7AdLXQv4lyL

Score
10/10
crymore2redlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

CryMore2

C2

hiconvanor.xyz:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f6f4de736422e2ce52eaf99b41edfe32_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections