General

  • Target

    caca.exe

  • Size

    304KB

  • MD5

    1571d88e10c7b438116ae9d569a4a206

  • SHA1

    27acf3eafccd09ebbd42cc850f285d10f8b13ac6

  • SHA256

    4bd094e6a78a0accbd4dbdb9960955734966408ba5ff27ed69f51dfe0c1cda6b

  • SHA512

    04955f461de204448758e68ddcdd38d59eab57a1ee11934c93d2dd9a0092246383ae52f3fb40bf6420bd995bbd33dec5c8fa7ed57faa0c1d20fb14f0d12e1565

  • SSDEEP

    3072:Oq6EgY6iYrUjp3o8PwP98sQADlaoReTAFt2SilpcZqf7D341eqiOLibBOW:1qY6ivHwPDxHReTAL2/pcZqf7DIfL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

caunique

C2

185.215.113.67:26260

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • caca.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

