Overview

overview

10

Static

static

10

d584e58130...18.exe

windows7-x64

10

d584e58130...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d584e58130d63580e6ad71f41f09ca5b765d0516d26749e9ace7bc85d49c7a18.exe

  • Size

    8.4MB

  • MD5

    5a7d823359c21af24512dd647c0c3063

  • SHA1

    8478412d6375084597d944dc231a5b8ac16817bd

  • SHA256

    d584e58130d63580e6ad71f41f09ca5b765d0516d26749e9ace7bc85d49c7a18

  • SHA512

    8e3ebafc02d4755fd7bccff4a9edb291e9b2642f5b47bc92fb78018602ebec2a12a432b53c290001444f77ff967229422711564ea21e5331143557d2f79e5778

  • SSDEEP

    196608:tLUdwAmXaSMDdu+FtEF+mt6faSbMdoQDrCqIgxf0OKt72:tW5mKRDdu+MF+xfaSbuoQPLxFKt2

Score
10/10
xred

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Signatures

  • Xred family
    xred
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d584e58130d63580e6ad71f41f09ca5b765d0516d26749e9ace7bc85d49c7a18.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections