General

  • Target

    4d300bba37dbbc76dd9e00be9f0b0e46a7e78d238321b6c908cf8537f7225d97

  • Size

    169KB

  • MD5

    6941ec247414006f3a41469842364cdc

  • SHA1

    a3f98216e849db9d92563b77a0168d94bf2e62c8

  • SHA256

    4d300bba37dbbc76dd9e00be9f0b0e46a7e78d238321b6c908cf8537f7225d97

  • SHA512

    8fb7ab0f608a4101221f05bf158b50a696cdb6ecc30188be2b9bfb89e645c5f940122fd6a2a4fea376d0dffcfe48097e3b78ffc3194709a675ddd3b07c807adb

  • SSDEEP

    1536:jyOHBgqlVZRGWQ3ZrrQUYH9izdOzu2dTGqVibuTjNkZOjgAVU83wYke8e8hf:jyOhyTI7YqV2KqZOjgAVUw8e8hf

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

diza

C2

77.91.124.145:4125

Attributes
  • auth_value

    bbab0d2f0ae4d4fdd6b17077d93b3e80

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4d300bba37dbbc76dd9e00be9f0b0e46a7e78d238321b6c908cf8537f7225d97
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744