Overview

overview

10

Static

static

10

dba5b9f676...f1.exe

windows7-x64

10

dba5b9f676...f1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dba5b9f67653ff8c6cc85b48eeee51629fd450ed56e63198413bb25c2001e0f1

  • Size

    120KB

  • MD5

    065446ffb8a73a2defebe3be84c202db

  • SHA1

    ed519a6732573772702e69aa6ad0583269631e4e

  • SHA256

    dba5b9f67653ff8c6cc85b48eeee51629fd450ed56e63198413bb25c2001e0f1

  • SHA512

    42fd6fbb8679fd36dfacfc2d0fd94a286d2d0a87e668e82eada0c4beb5f637e23c6b1890dae8384d024c0974f9f965eacb961122c838a90b5242c9aa94d3cee0

  • SSDEEP

    1536:Nqs4iqeHlbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed273teulgS6pIl:7/pVYH+zi0ZbYe1g0ujyzdXI

Score
10/10
cheatredlinesectoprat

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

david1234.duckdns.org:38369

Signatures

  • RedLine payload 1 IoCs
  • Redline family
    redline
  • SectopRAT payload 1 IoCs
  • Sectoprat family
    sectoprat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • dba5b9f67653ff8c6cc85b48eeee51629fd450ed56e63198413bb25c2001e0f1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections