General

  • Target

    f2e853043a9b65a447a83db1b67358338e1c8dce046c3ff4bc74f1e3a462158b

  • Size

    364KB

  • MD5

    3b711c0ff5077543c163d2110c27475e

  • SHA1

    b96b7e2e67a0f0ef49e8e597cff85a8c9ee4f449

  • SHA256

    f2e853043a9b65a447a83db1b67358338e1c8dce046c3ff4bc74f1e3a462158b

  • SHA512

    c4f994f01143ae2f428aadc4f418592e3cc0e46c81015661d937ca3d5888e728122d26a220b3cc8ac9a78e5d924cd184bdd10208a87aa20b5819ef315b1b3f86

  • SSDEEP

    6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes
  • auth_value

    866ce0ed8cfe2be77fb43a4912677698

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f2e853043a9b65a447a83db1b67358338e1c8dce046c3ff4bc74f1e3a462158b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

