General

  • Target

    fa531643d33d5e3c9e81953ac95d085c5349fb24bc0a77a2eeb9b66b93c34573

  • Size

    272KB

  • MD5

    242c2f9f5e38461eaf352c17b7f71078

  • SHA1

    471c9abc5139175341eb2a2ee617b87f2b682e16

  • SHA256

    fa531643d33d5e3c9e81953ac95d085c5349fb24bc0a77a2eeb9b66b93c34573

  • SHA512

    ea0bc48ed7960bc6bcf7c488cd02f839292b0a678ff7fa39b216c32ebb6b944e1080acfbdde2938acba981ee82593845b54b3dce2a43c1f98ccf80eee40c05f6

  • SSDEEP

    3072:Fs6jYELp6VFxCvNqKmOl9qkCJM+wbSpvLW9Mo40EG9chzfnXqCYxNn2pU9f2MKTL:Fs6j+YNqKmOzKM+wbSpvLWBchTnXX

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

ronam

C2

193.233.20.17:4139

Attributes
  • auth_value

    125421d19d14dd7fd211bc7f6d4aea6c

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fa531643d33d5e3c9e81953ac95d085c5349fb24bc0a77a2eeb9b66b93c34573
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
