General

  • Target

    f78f2e70b20587810b755e56821a0363_JaffaCakes118

  • Size

    100KB

  • MD5

    f78f2e70b20587810b755e56821a0363

  • SHA1

    0fb165666b097266421b16bd715926d979e55c23

  • SHA256

    93294f23cc879d497276dfcb0def6cbb8d33617648f75358f213886f6e5682b4

  • SHA512

    6f9327f0026b254d035adefd486c9dabda7aeadda6372c52e405abc8ffad9ce904de6bdd0006eebdbaa65673032b42ff58a042ee611be8aec501c826762a2a0a

  • SSDEEP

    1536:vo6aGbaCsimsMHOY/NohLIGOFauaqwggbue7vyucNyAsdJoetx5REzG6WAaoig7:vdxmCgBJGOcDqC3yuKyddPNWZr

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @twixrf

  • C2

    185.224.132.232:64354

Signatures

  • RedLine payload (1 IoC)
  • RedLine family
  • SectopRAT payload (1 IoC)
  • SectopRAT family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature.
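
The "Unsigned PE" signature is a static check for an embedded Authenticode signature. As an added example (not the sandbox's own detector and not code from this report), the Python below implements that check by locating data directory 4, the Attribute Certificate Table, in the PE optional header and validating that it points at a WIN_CERTIFICATE of type PKCS#7 SignedData inside the file. It handles PE32, as for this x86 sample, and also PE32+. The images it runs on are constructed in the block (header-only fixtures, not real binaries); `build_minimal_pe32`, `security_directory` and `is_unsigned_pe` are names chosen here. Caveat: a present certificate table only shows the file claims a signature. Verifying it (chain, hash match, timestamp) needs `signtool verify` or `Get-AuthenticodeSignature`, and catalog-signed Windows binaries legitimately have an empty security directory, so this check alone is a triage hint, not a trust decision.

```python
import struct

# Index of the Attribute Certificate Table in the optional header's data directory.
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002   # Authenticode PKCS#7 SignedData


def security_directory(pe_bytes):
    """Return (file_offset, size) of the certificate table, (0, 0) when absent.

    Walks DOS header -> PE signature -> COFF header -> optional header and
    reads data directory entry 4. Unlike the other directories, this entry
    holds a raw file offset, not an RVA. Raises ValueError for non-PE input.
    """
    try:
        if pe_bytes[:2] != b"MZ":
            raise ValueError("not an MZ executable")
        e_lfanew = struct.unpack_from("<I", pe_bytes, 0x3C)[0]
        if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            raise ValueError("PE signature not found")
        opt = e_lfanew + 4 + 20                      # skip "PE\0\0" and the 20-byte COFF header
        magic = struct.unpack_from("<H", pe_bytes, opt)[0]
        if magic == 0x10B:                           # PE32 (x86, as in this sample)
            dir_base = opt + 96
        elif magic == 0x20B:                         # PE32+ (x64)
            dir_base = opt + 112
        else:
            raise ValueError("unknown optional header magic 0x%x" % magic)
        num_dirs = struct.unpack_from("<I", pe_bytes, dir_base - 4)[0]  # NumberOfRvaAndSizes
        if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
            return (0, 0)
        entry = dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        return struct.unpack_from("<II", pe_bytes, entry)
    except struct.error:
        raise ValueError("truncated PE header")


def is_unsigned_pe(pe_bytes):
    """True when the PE carries no usable embedded Authenticode signature."""
    off, size = security_directory(pe_bytes)
    if off == 0 or size == 0:
        return True
    if size < 8 or off + size > len(pe_bytes):
        return True                                   # table points outside the file
    # WIN_CERTIFICATE header: dwLength, wRevision, wCertificateType
    length, _revision, cert_type = struct.unpack_from("<IHH", pe_bytes, off)
    return not (cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= size)


# ---- constructed fixtures (header-only images, not real binaries) ---------
HEADER_LEN = 0x40 + 4 + 20 + 224     # DOS stub + "PE\0\0" + COFF + PE32 optional header


def build_minimal_pe32(security_entry=(0, 0), trailer=b""):
    """Build a header-only PE32 image; optionally point directory 4 at `trailer`."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                           # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)    # i386, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                              # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security_entry)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + trailer


UNSIGNED_PE = build_minimal_pe32()
FAKE_CERT = struct.pack("<IHH", 8 + 4, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\0" * 4
SIGNED_PE = build_minimal_pe32((HEADER_LEN, len(FAKE_CERT)), FAKE_CERT)
BOGUS_PE = build_minimal_pe32((HEADER_LEN, 0x1000))   # entry points past end of file


def check_file(path):
    """Run the check on a file on disk (e.g. a sandbox artifact)."""
    with open(path, "rb") as fh:
        return is_unsigned_pe(fh.read())


if __name__ == "__main__":
    import sys
    if sys.argv[1:]:
        for p in sys.argv[1:]:
            print(p, "UNSIGNED" if check_file(p) else "certificate table present")
    else:
        for name, blob in (("unsigned", UNSIGNED_PE), ("signed", SIGNED_PE), ("bogus", BOGUS_PE)):
            print(name, is_unsigned_pe(blob))
```

Run it as `python unsigned_pe.py sample.exe` to triage a dropped file; with no arguments it exercises the three constructed fixtures. The BOGUS_PE case matters in practice: a directory entry that points past EOF (or at a non-PKCS#7 blob) is treated as unsigned rather than as signed, so a truncated or tampered table cannot satisfy the check.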

Files

  • f78f2e70b20587810b755e56821a0363_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    MD5 f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections