General
-
Target
66b8d920f03c6_build.exe
-
Size
95KB
-
MD5
265b45d7a9d3f51b3b8512f3088c2e01
-
SHA1
a3e8de6184f1e472d5a4f3deff5312bcc8674ad4
-
SHA256
3fb9c7fb6ce102e9e8f7eef037e9b0b120f69b5f4d3dbcf4ca84cba17f655ec8
-
SHA512
a98577273ab670d6bb646c08793fa813f0b0fe44099d0394477e6f56d93f393f2859ea4b027c9f92ffe2145bce5c5d62c2cb59d550a9d7d76102ea71e0e309ba
-
SSDEEP
1536:Bqs+Wqm2lbG6jejoigI743Ywzi0Zb78ivombfexv0ujXyyed2s3teulgS6pUl:vZB+Y7+zi0ZbYe1g0ujyzdaU
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
Exodusmarket
C2
45.66.231.184:1334
Signatures
-
RedLine payload 1 IoCs
-
Redline family
-
SectopRAT payload 1 IoCs
-
Sectoprat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
66b8d920f03c6_build.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections