General

  • Target

    f7a2e5eca6b5afea91f95ac9ef79df5d_JaffaCakes118

  • Size

    100KB

  • MD5

    f7a2e5eca6b5afea91f95ac9ef79df5d

  • SHA1

    e9ceedc6c38c1f9aadd47c180f275d1170c7a917

  • SHA256

    13ab45b0ce37784de2085c1d0424bdd9992755dd3f4fd1d6a740a25533ea18e1

  • SHA512

    8337c5ca88610f02255eca0f21f8fc3d046d3468236b0fbc52c671369c130b5793f77db99adaaaa3c0c7fd2425b39fc16d09db38602882579c582015cc66b4f7

  • SSDEEP

    1536:um386AEAePJBDMSoU8trlEdz0GQzh7vrYgbuetvDuvNyAsdLbi1xQeTEuG6WAaoa:ui86AdUz4FtrlqQzhl1DulyddCsvsc

Malware Config

Extracted

Family

redline

Botnet

1427371155

C2

185.250.206.122:43180

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f7a2e5eca6b5afea91f95ac9ef79df5d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

