General
-
Target
XcHvYYrNa.exe
-
Size
300KB
-
MD5
b9a421c6f519b309d05149b5388debc6
-
SHA1
f713cef1b438bc65d33ff7c1532b9ac4f9cd9fa2
-
SHA256
9eff518a31a5ca6d372d8c2e60820b3b014e884da27c4ce7482fefc9b80d4b7f
-
SHA512
25fb917f01e6b2543c47a25561e6ff2f15fe304558281e52694ed26ff046b8fcf74f9a2e023dca41b2f7ceae1349d48ed4cfabe93b9c69582be9c290218acbd6
-
SSDEEP
3072:ycZqf7D34Tp/0+mAWkyYHcQQg3/B1fA0PuTVAtkxz93REeqiOL2bBOA:ycZqf7DItnzXvB1fA0GTV8kHsL
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
SolaraHacked
C2
127.0.0.1:4444
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XcHvYYrNa.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections