General

  • Target

    bb9a4a44c16a4a912a77a1ea6817636d65bd9678b9a9741dc836ef5174076108

  • Size

    172KB

  • MD5

    6180903416fcd9e1c17da1606d72f0c9

  • SHA1

    6d614fd784288d9c5ec548396690a054d8ac63f5

  • SHA256

    bb9a4a44c16a4a912a77a1ea6817636d65bd9678b9a9741dc836ef5174076108

  • SHA512

    6ad5843201fc0ba82bb4b4024da74f849b462e7ef87c6766baf5192c172b9aa52d49f45972731d23cd9fc7e17d6ce957a88f6580491f28dc4e1a8a92db8c4b1f

  • SSDEEP

    3072:c47FCYO0NJQ5S0xNcIA7qVJeNGT8e8hy:cvd0AEnCVJeNGT

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

drake

C2

83.97.73.131:19071

Attributes

  • auth_value

    74ce6ffe4025a2e4027fb727915e7d7c

Signatures

  • Detects executables packed with ConfuserEx Mod 1 IoCs
  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bb9a4a44c16a4a912a77a1ea6817636d65bd9678b9a9741dc836ef5174076108
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
