Overview

overview

10

Static

static

10

38cd5625a9...3c.exe

windows10-2004-x64

10

Resubmissions

29-11-2024 09:09

241129-k4q51axkaz 10

31-12-2023 09:44

231231-lqqsraeacp 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    38cd5625a947de772cd84546e8fdb743d85d7ce7523ec30fbc5ecb8d7471703c

  • Size

    3.4MB

  • MD5

    841907da61afc25c6c092c7fa2113201

  • SHA1

    54f20ee5fc2a720d6a5c4d9cdd3efbf481a7a7ae

  • SHA256

    38cd5625a947de772cd84546e8fdb743d85d7ce7523ec30fbc5ecb8d7471703c

  • SHA512

    707cef7515033719a1f7a072feafb7072362419b01596f4521ace31f50aa36aa0f8a91a271f3518cb69762a6318f902bcc379641779454b60f9b877df34751cd

  • SSDEEP

    49152:XsbUHw+HnsHyjtk2MYC5GDQICvNYGtOGjM8QvL4OkEqtFry3Vo5Sn7+:cbUHw+Hnsmtk2a9xYL49Eqtk3K5q7+

Score
10/10
xred

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Signatures

  • Xred family
    xred
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 38cd5625a947de772cd84546e8fdb743d85d7ce7523ec30fbc5ecb8d7471703c
    .exe windows:4 windows x86 arch:x86

    aa95652216eaade6b40fc3f75fc32856


    Headers

    Imports

    Sections