General

  • Target

    MYNEWRDX.exe

  • Size

    304KB

  • MD5

    0f02da56dab4bc19fca05d6d93e74dcf

  • SHA1

    a809c7e9c3136b8030727f128004aa2c31edc7a9

  • SHA256

    e1d0fe3bada7fdec17d7279e6294731e2684399905f05e5a3449ba14542b1379

  • SHA512

    522ec9042680a94a73cefa56e7902bacb166e23484f041c9e06dce033d3d16d13f7508f4d1e160c81198f61aa8c9a5aecfa62068150705ecf4803733f7e01ded

  • SSDEEP

    3072:wq6EgY6imrUjTBUzwPC24EowndGt16TAHtASi6lcZqf7D34leqiOLibBOw:zqY6i8wPeEZndGtMTANAUlcZqf7DIvL

Malware Config

Extracted

Family

redline

Botnet

BUY TG @FATHEROFCARDERS

C2

45.66.231.214:9932

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • MYNEWRDX.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections