General

  • Target

    bounty-97392239633069468

  • Size

    304KB

  • MD5

    15a7cae61788e4718d3c33abb7be6436

  • SHA1

    62dac3a5d50c93c51f2ab4a5ebf78837dc7d3a9f

  • SHA256

    bed71147aa297d95d2e2c67352fc06f7f631af3b7871ea148638ae66fc41e200

  • SHA512

    5b3e3028523e95452be169bdfb966cd03ea5dbe34b7b98cf7482ca91b8317a0f4de224751d5a530ec23e72cbd6cc8e414d2d3726fefee9c30feab69dc348fa45

  • SSDEEP

    3072:qq6EgY6iQrUjytA4dwP8Zk1tx/Efz+TAGtASRkFcZqf7D341eqiOLibBOh:pqY6iAwP6k1vQz+TAiAtFcZqf7DIfL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @LOGSCLOUDYT_BOT

  • C2

    185.172.128.33:8970

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
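The "Unsigned PE" signature above is a header check: Windows embeds Authenticode data in the Attribute Certificate Table, which the optional header's data directory points to, so a zero-sized entry means no embedded signature. The following is an added example written for this page, not code from the sandbox or its signature engine. It parses just enough of the PE headers to locate that entry, reports the same "unsigned" verdict, and computes the MD5/SHA1/SHA256/SHA512 digests listed under General so a sample can be matched against the report. The function names and the `build_minimal_pe` helper are my own; the helper constructs a header-only image for offline testing and is not a real executable.

```python
import hashlib
import struct
import sys

# Index of the Attribute Certificate Table in the optional header's data directory
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def authenticode_table(pe: bytes):
    """Return (file_offset, size) of the Attribute Certificate Table, or None when
    the image carries no embedded Authenticode data. Only the headers are parsed."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]   # SizeOfOptionalHeader
    opt = coff + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:            # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:          # PE32+
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    nrva = struct.unpack_from("<I", pe, nrva_off)[0]
    if nrva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None               # directory truncated before the security entry
    entry = dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + opt_size:
        return None               # entry would lie outside the declared optional header
    off, size = struct.unpack_from("<II", pe, entry)
    if size == 0:
        return None
    return off, size


def unsigned_pe(pe: bytes) -> bool:
    """Same verdict as the report's 'Unsigned PE' check: no certificate table present.
    A present table is not a valid signature; that needs a full chain verification."""
    return authenticode_table(pe) is None


def file_hashes(data: bytes) -> dict:
    """The digests the General section lists (ssdeep omitted: not in the stdlib)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def build_minimal_pe(cert_size: int = 0, pe32plus: bool = False) -> bytes:
    """Constructed test image (assumption, not a real binary): DOS header, PE
    signature, COFF header and optional header only. Not loadable by Windows."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 240 if pe32plus else 224         # fixed fields + 16 directory entries
    machine = 0x8664 if pe32plus else 0x14C
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    nrva_off, dd_off = (108, 112) if pe32plus else (92, 96)
    struct.pack_into("<I", opt, nrva_off, 16)   # NumberOfRvaAndSizes
    cert_off = e_lfanew + 4 + 20 + opt_size     # certificate blob would follow headers
    if cert_size:
        struct.pack_into("<II", opt, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         cert_off, cert_size)
    return dos + b"PE\0\0" + coff + bytes(opt) + b"\0" * cert_size


if __name__ == "__main__":
    # Usage: python check_pe.py <sample.exe>; without a path, runs on the constructed image
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe()
    print("unsigned:", unsigned_pe(data))
    for name, digest in file_hashes(data).items():
        print(name, digest)
```

Two caveats when reading the result: a missing table is exactly what this signature fires on, but Windows components signed via a catalog also have no embedded table, so "Unsigned PE" by itself is a weak indicator; and a present table says nothing about whether the signature verifies, was revoked, or was cut from another binary.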

Files

  • bounty-97392239633069468

    Type: .exe  windows:4  windows  x86  arch:x86

    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
