General

  • Target: 0f5271f1ff7dcba3bd12292ef4968b16d672074602ad671fe13a4904af998cc5
  • Size: 171KB
  • MD5: 497c63ff13a7056996407c0213175397
  • SHA1: 3fc0eaa1e91a7f869585c50eb7a22dee723dc641
  • SHA256: 0f5271f1ff7dcba3bd12292ef4968b16d672074602ad671fe13a4904af998cc5
  • SHA512: 30b910cf21d33d046c6c273d30ec7e98ff05458e5fb47105875995a6a51c080b6ee6ccf170f1e230265214de675753cb4b116bbf9a23e2bce5ebd9ee08157586
  • SSDEEP: 1536:ZMtBxUqlVZRGWW3pasr8x8DWGPvyJqFaR8RTGqVabuZqp5F2uPB83wYkp8e8hd:+tbk3Uxel6JPRjqVOs2X2uPBH8e8hd

Score: 10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: dark
  • C2: 185.161.248.73:4164
  • Attributes
      • auth_value: ae85b01f66afe8770afeed560513fc2d

Signatures

  • Detects executables packed with ConfuserEx Mod (1 IoC)
  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 0f5271f1ff7dcba3bd12292ef4968b16d672074602ad671fe13a4904af998cc5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
