General

  • Target

    2a711f77decca10bdb3bfc5df22c43ad001f7b1ce570a29181c7b173cc6cf889

  • Size

    272KB

  • MD5

    d948ffece953d554f11e97167af9e9bc

  • SHA1

    467cab90312a678038fc6d78811edfe77fdbff41

  • SHA256

    2a711f77decca10bdb3bfc5df22c43ad001f7b1ce570a29181c7b173cc6cf889

  • SHA512

    060bd43d60a225b49d71acc1ac4c7955d283799064ad4ba9843c6b4fa62f7242fadcf9e31085e8ec3ab3317fb0c020185de0c98d7c4d2a6ba17f3b1c920ce962

  • SSDEEP

    3072:A6joELz6lmfCJRNa0UcAO0kk+aVpvLV9Kno40NQnLhFNnTrOafMfxNn2pU9f2MKV:A6jsJaDcATkk+anvLVozLhHnR

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

rodik

C2

193.233.20.23:4124

Attributes
  • auth_value

    59b6e22e7cfd9b5fa0c99d1942f7c85d

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2a711f77decca10bdb3bfc5df22c43ad001f7b1ce570a29181c7b173cc6cf889
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
