General

  • Target

    313463cd6c00d8a38983010272e2650ad7e3ea6776d4d4d7a14bf6a6c3e359faN

  • Size

    116KB

  • MD5

    955fbb12a6077f8f59e4ccae3ea358e0

  • SHA1

    355dfd639671b6c983c7eca33936d3c858f6c779

  • SHA256

    313463cd6c00d8a38983010272e2650ad7e3ea6776d4d4d7a14bf6a6c3e359fa

  • SHA512

    a3d4e376602b4961e20ad58f30d9b88e00fece8875b7f75ddddab0dea3404a2aba2926157ea5df2e2a3a2bb17bcdc6e138ec85fceec6730cec4789657612623d

  • SSDEEP

    1536:J28qb1iBFLNGJzbB98tu/rw2UwimkWOxywAhbP0ikAr7n18BiEJezhN:J81OL0z9yDmkrxywC8cX18TJKN

Malware Config

Extracted

Family

redline

Botnet

newbild

C2

tedyoepela.xyz:80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • SectopRAT payload 1 IoCs
  • Sectoprat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 313463cd6c00d8a38983010272e2650ad7e3ea6776d4d4d7a14bf6a6c3e359faN
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

