General

  • Target

    8cf118d0a8b7d13fd1c0f5226bf506caea089c35e69a78d548b9625fa6c37968

  • Size

    145KB

  • MD5

    a9fe2c0bfe1cb0299efdbbf8dc78dd76

  • SHA1

    236cf066996dbef4e9e4bf19fc84870bb54c86e7

  • SHA256

    8cf118d0a8b7d13fd1c0f5226bf506caea089c35e69a78d548b9625fa6c37968

  • SHA512

    d0b4589d00a4444e555066e5520a1033d1ea8ba9bfd9ed8a6543e63ee7e83ef3378ad02ec6151abb4e0a32438ada2dbed6f1d974e7626d9900e0d24eeed302ca

  • SSDEEP

    3072:tV+m5cVQmRSx0xlR5B2j5wMeoDChYZV8e8hh:tj4plRExNChYf

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

terra

C2

185.161.248.75:4132

Attributes
  • auth_value

    60df3f535f8aa4e264f78041983592d2

Signatures

  • Detects executables packed with ConfuserEx Mod 1 IoCs
  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 8cf118d0a8b7d13fd1c0f5226bf506caea089c35e69a78d548b9625fa6c37968
    Type: .exe (windows:4, windows, x86, arch:x86)
    Hash: f34d5f2d4577ed6d9ceec516c1f5a744