Overview

overview

10

Static

static

10

c11dafb254...b8.exe

windows10-2004-x64

Resubmissions

29-11-2024 09:18

241129-k9pt5asngk 10

28-12-2023 03:46

231228-eb17lsgde9 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c11dafb254f748f541502802db5ae1b8

  • Size

    12.5MB

  • MD5

    c11dafb254f748f541502802db5ae1b8

  • SHA1

    2551d3c798242a706ec1cd8945c9535dfeff0d47

  • SHA256

    e5f057ece52cb1241159b7c61238787d19b15eb2f3b53b939d3fba8e32a25f46

  • SHA512

    f7dfd324e72ec9149814c9fc4004471bcf51fe523e40bb85a4d4156a0f2833de8714006ed00104e1e51cb7ac4532e3a509e3083d5f360b5d45636689b26a63ff

  • SSDEEP

    393216:Y+xgjihkUhKHKr0M19lSBi7S02OOagDO:/xg2ThoMUOOagDO

Score
10/10
xred

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Signatures

  • Xred family
    xred
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • c11dafb254f748f541502802db5ae1b8
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections