General

  • Target

    5d860e52bfa60fec84b6a46661b45246.bin

  • Size

    111KB

  • MD5

    a2f693a89d032407ff6fe33273a72dea

  • SHA1

    f5dd818c57105d2057da4a62bd5ba8571f94170e

  • SHA256

    ca8d68f1622817852b124b37b11e2cff69fca2823a2aca334e6fb76ac63fbf95

  • SHA512

    220ff9fab3f72bae6c520de7e990d6f2c9959f0f77bc019d21bae40af83666205fed0abb7383fd439e28194fb86cad977bd1e170aa1122767ce2b5f3d5f48162

  • SSDEEP

    3072:af1/aD5oSFYpp+9uo4VVt51jgp0x+7ZrJLvDSCqp9ujHA:af1yDScYpSu7jtHk0x+9rJr+iA

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

AMA

C2

185.215.113.67:40960

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5d860e52bfa60fec84b6a46661b45246.bin
    .zip

    Password: infected

  • b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

