General

  • Target

    file.exe

  • Size

    300KB

  • MD5

    3edc68fb9a58f24cbd529d7c0a536757

  • SHA1

    ea62ab146a6b043818078d0b05e7f73444ed4881

  • SHA256

    7d8eae0fb5daead81c18cf83bcaa68896442159b5fd15bf6d34b15b079b3a9b4

  • SHA512

    8475ea0aab4e137565c101ebdf235bb1a370f124c012fe24e88d1ac32b580235d2579b1bd47d9aec94c1322d5c78dc31dc04f54f67b82cbebabf4cdcede82701

  • SSDEEP

    3072:acZqf7D34Tp/0+mA0kywMlQEg85fB1fA0PuTVAtkxz73RMeqiOL2bBOA:acZqf7DItnGCQNB1fA0GTV8kR0L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

FOZ

C2

212.162.149.48:2049

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature: the security data directory of the PE is empty, so no code-signing certificate is attached to the image. On its own this is weak evidence (plenty of legitimate software ships unsigned), but alongside the extracted RedLine configuration it corroborates the verdict.
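As an added example (not part of this report, and not the sandbox's own code), the following Python script recomputes the four hashes listed under General against a file and reproduces the "Unsigned PE" check by reading the security data directory (index 4) out of the PE optional header. The `build_sample_pe` helper and the headers-only PE32 image it constructs are assumptions made for demonstration; they are not file.exe, so `matches_report` is expected to come back all-false on them and all-true only on the real sample.

```python
"""Verify a sandbox report's hashes and reproduce its 'Unsigned PE' check.

Added example, not the report's or the sandbox's own code. The PE built by
build_sample_pe() is a constructed, headers-only image used as sample input.
"""
import hashlib
import struct

# Hashes exactly as listed in the report for file.exe.
REPORT_HASHES = {
    "md5": "3edc68fb9a58f24cbd529d7c0a536757",
    "sha1": "ea62ab146a6b043818078d0b05e7f73444ed4881",
    "sha256": "7d8eae0fb5daead81c18cf83bcaa68896442159b5fd15bf6d34b15b079b3a9b4",
    "sha512": "8475ea0aab4e137565c101ebdf235bb1a370f124c012fe24e88d1ac32b580235"
              "d2579b1bd47d9aec94c1322d5c78dc31dc04f54f67b82cbebabf4cdcede82701",
}


def compute_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256/SHA-512 of a buffer, keyed by algorithm name."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison, so a partial match is visible instead of hidden
    behind a single boolean (MD5 alone is not a trustworthy identifier)."""
    actual = compute_hashes(data)
    return {algo: actual[algo] == digest.lower() for algo, digest in expected.items()}


def security_directory(data: bytes):
    """Return (file_offset, size) of IMAGE_DIRECTORY_ENTRY_SECURITY, or None if
    the buffer is not a PE. Unlike other directories this entry holds a raw
    file offset, not an RVA, because the certificate table is not mapped."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20                       # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                            # PE32
        dirs = opt + 96
    elif magic == 0x20B:                          # PE32+
        dirs = opt + 112
    else:
        return None
    num_dirs = struct.unpack_from("<I", data, dirs - 4)[0]   # NumberOfRvaAndSizes
    if num_dirs <= 4:
        return (0, 0)                             # no security entry at all: nothing attached
    return struct.unpack_from("<II", data, dirs + 4 * 8)


def has_authenticode(data: bytes) -> bool:
    """True when a WIN_CERTIFICATE blob is attached. Presence is not validity:
    a non-empty entry still has to be verified (signtool, Get-AuthenticodeSignature)
    before it counts for anything."""
    entry = security_directory(data)
    return bool(entry and entry[1] > 0)


def build_sample_pe(cert_size: int = 0) -> bytes:
    """Constructed, headers-only PE32 image for demonstration (assumption, not
    file.exe). cert_size > 0 simulates an attached signature blob."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)       # e_lfanew: PE header right after DOS header
    # Machine=i386, 0 sections, no symbols, SizeOfOptionalHeader=0xE0, EXECUTABLE|32BIT
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)         # PE32 magic
    struct.pack_into("<I", opt, 92, 16)           # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 4 * 8, 0x200 if cert_size else 0, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for algo, ok in matches_report(data).items():
        print(f"{algo:7s} {'match' if ok else 'MISMATCH'}")
    print("authenticode present:", has_authenticode(data))
```

Run it with the path to the sample to confirm every algorithm reports a match before trusting any further analysis of the file; without an argument it runs against the constructed image and shows the unsigned case.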

Files

  • file.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
