General

  • Target

    663e134513572ec054be6a261e8e0da365f1288d

  • Size

    59KB

  • MD5

    90dbf607e89bf87aef6a03184b027556

  • SHA1

    663e134513572ec054be6a261e8e0da365f1288d

  • SHA256

    f1d184bb7d3d68d01a149f99755400db006670f4ff97aa07a86226a33a8a80a0

  • SHA512

    433553a08cbbba9190b2e540ad42fd6bf3ee3f27d271242dbc8ffeabeca7a17ed6903443d09ca1b16b197406fc29d57e1dbcf1cd95d49e28196cd5142e8eeac0

  • SSDEEP

    1536:8FeA6Aa+ngrYcSiC+l/7YOCdqxu1jriSvx5mzwOMXq6pkR8:BA6Aa6g0cS0hi4gBriS5UJOt08

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

High

C2

80.66.87.20:80

Attributes
  • auth_value

    e5a19803f83e644a0008c2114f6c607e

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 663e134513572ec054be6a261e8e0da365f1288d
    .zip
  • d8fc3434a00b7ab79cdccb41a5dcd0dc373353fd0da916f042095017e70b57f3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

