Overview

overview

10

Static

static

10

0b612a1c9a...b0.exe

windows10-2004-x64

Resubmissions

29-11-2024 09:12

241129-k56l3ssmbr 10

30-12-2023 02:17

231230-cq6drsdaf9 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b612a1c9a2dfd784c084debbda2f7b0

  • Size

    1.0MB

  • MD5

    0b612a1c9a2dfd784c084debbda2f7b0

  • SHA1

    407099a1553c0c84d2687610b73af81413877c3d

  • SHA256

    ee68caa7731e91f0b0c8e1f597f2850a88b341b760bda7f4f8f589e8e40c2779

  • SHA512

    ec44b54ed3acb9228d10d3763f663d5c5fc17dfea3637858a7df8434cbd83eec5e5fc0b260f1d76ea636d85068451562044f2e3e25a640e461c3a1f5325547e3

  • SSDEEP

    24576:AnsJ39LyjbJkQFMhmC+6GD92c40RDI1pE:AnsHyjtk2MYC5GDQl3w

Score
10/10
xred

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Signatures

  • Xred family
    xred
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0b612a1c9a2dfd784c084debbda2f7b0
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections