General

  • Target

    092b5ca5621b2a04c93f3127c2cccb75bf26f5b314dac20c9cfc78336cfb49f4N

  • Size

    176KB

  • MD5

    fa80bde05bc7a3d6557d3cbc1233e4f0

  • SHA1

    b029397629503203fc9816d248860a4254f0cb66

  • SHA256

    092b5ca5621b2a04c93f3127c2cccb75bf26f5b314dac20c9cfc78336cfb49f4

  • SHA512

    8c9e31e2e52980f303caa61cc7876a8ffbd561fd7dbfd34bacfdbc1196d4adbdb4e71a5495d244a5d5f54cdc37ff9811dbe2ea57ae6dd814a14b430c299892ff

  • SSDEEP

    3072:pxqZWzvagwoMR3I58ZlHeR5FthXfxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOb:bqZVY8qth

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

spora

C2

176.113.115.145:4125

Attributes
  • auth_value

    441b39ab37774b2ca9931c31e1bc6071

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 092b5ca5621b2a04c93f3127c2cccb75bf26f5b314dac20c9cfc78336cfb49f4N
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

