General

  • Target

    30072024.exe

  • Size

    304KB

  • MD5

    aedfb26f18fdd54279e8d1b82b84559a

  • SHA1

    161a427ef200282daf092543b3eda9b8cd689514

  • SHA256

    ba7517fbc65542871d06e7d4b7a017d5c165f55dda2b741e2ba52a6303d21b57

  • SHA512

    30c5836584b3d74e9a0719e0559f2b83900210ee574ae780d793cdc6396bd9b7cb672f401dfa15a58687ad1d769d5ef5c0b0b24de83dec3c8429a259c9a37bb2

  • SSDEEP

    3072:lq6EgY6iwrUjL849wPzsyozn/jBCTAvtA2iZpcZqf7D341eqiOLibBOc:sqY6i/wPEPBCTAFAvpcZqf7DIfL

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

30072024

C2

185.215.113.67:40960

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 30072024.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

