General

  • Target: e16437294548b76c8239929235ba36f696b4350d62921917fa154772a6051665
  • Size: 39KB
  • MD5: f8d277ab832f349c41123d6e565a0f55
  • SHA1: 42c2d14bb758a9ee2dfa15c1bb413b1fb60cb731
  • SHA256: e16437294548b76c8239929235ba36f696b4350d62921917fa154772a6051665
  • SHA512: 1f6a8a00fe39934782fde5b66d8a1f3a88b606dbcf069ed3cf5fef441af924761ff22e74aca6151639f0b418461bedc9b36f9f08470456c8caee72959fe56e81
  • SSDEEP: 768:NddkLUkBxfxSqTDj7ifauVeRawWQ6q1GFGY+ZofXMpJFsJu+sNGXd8M+krr:oUcfrSCubwW/qtTofctso+sSdZr

Malware Config

Extracted

  • Family: redline
  • Botnet: wcmFr5xKM66WkyVK
  • C2: 45.42.45.232:63495

Signatures

  • RedLine payload (1 IoCs)
  • Redline family
  • SectopRAT payload (1 IoCs)
  • Sectoprat family
  • Unsigned PE (1 IoCs): checks for missing Authenticode signature.

Files

  • e16437294548b76c8239929235ba36f696b4350d62921917fa154772a6051665 (.rar)
  • build.exe (.exe windows:4 windows x86 arch:x86)
    f34d5f2d4577ed6d9ceec516c1f5a744