General
-
Target
9001b4d829eac33f2b06ab34bbef7480.bin
-
Size
43KB
-
MD5
58683f1dc2db3f87865344e4cd519b20
-
SHA1
c66af4faa9d13b307aad69d9748d5b48682449b0
-
SHA256
bf01f5a33558c59188cd3b91f56ce00284cf4fd614ccc9393b8126f40cfe465f
-
SHA512
6081ec3bd5e2706a52c4c6ad89056f3a8fcb8f99d51614433377ea96d7967c8c82ac28136b98ce17674c0ff0916a079f7dd625c060acff0a7ceb66f7c6670d37
-
SSDEEP
768:2S7iZeZj0LRxrihjhk4npZAhJnAaGLnHGY8eJIGAR/PK+5hbbrwWtenyi5a4QQXP:m4Z4L+9kopZAMZmLyIfj8Qey9yV1
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
--- https://t.me/BlToolsCloud ------ https://t.me/BlTools_Logs ---
C2
rights-mountains.gl.at.ply.gg:23403
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9001b4d829eac33f2b06ab34bbef7480.bin
Password: infected
-
7981bc15a329fe58ae76f26d03fbcab5d7c32658f29a1529d4d83b9e377a81a4.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections