Resubmissions

  • 16-12-2024 22:35  241216-2h314sskfx  10
  • 13-12-2024 01:39  241213-b252pswmen  10

General

  • Target: f0aaf1b673a9316c4b899ccc4e12d33e.bin
  • Size: 116KB
  • MD5: 5d94283b7257081ee6bf187703d4c970
  • SHA1: 4bf045392a4d9ea30efd89d90d415f1a2cbce698
  • SHA256: 78a6286951ae1ea0425e2726eb61c6fdaff91731a25c826cc5167f4b2f2eefa1
  • SHA512: 4f3853dff3d311b5361e17c8a95a9db3c6c14fae8b6344830e1111c9c6819739fa528878b87bf1cd4060ca898f637d9b8d7bd23840d5f28d587927438ede484c
  • SSDEEP: 3072:2HV+nkF0cho46FZj28vPvHlLrNTRd4Lqt2f/el1CLs:GV+A0cp8wMvVXdtt2f/CwA

Score: 10/10

Malware Config

Extracted

  • Family: redline
  • Botnet: fvcxcx
  • C2: 185.81.68.147:1912

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f0aaf1b673a9316c4b899ccc4e12d33e.bin
    .zip
    Password: infected

  • fcc616ecbe31fadf9c30a9baedde66d2ce7ff10c369979fe9c4f8c5f1bff3fc2.exe
    .exe windows:4 windows x86 arch:x86
    Password: infected
    f34d5f2d4577ed6d9ceec516c1f5a744
