General

  • Target

    24b1454141362b9675b17e9d779c5c93.bin

  • Size

    43KB

  • MD5

    c0d477ba33ebb2d04b74f04b35b1fe08

  • SHA1

    9b8def10b8d1ea9cf4ec6b51cc364827bebef114

  • SHA256

    31bded119969fb6cb9614819db05d756bbf53c6c9afa5d5ca6d4f6ec1214321e

  • SHA512

    c9deb03059b6134b74843a583309981fed3fcf74fcff9ae579e765a1b93346a6adc083543e814e5492d95b1b676d9b02e691454d25ef1154c46acaaccfe9cd50

  • SSDEEP

    768:uhdYgPi3SvjSjBwP8fUfKsUcrfnLMOW2SqwsX2g0V9WCzfztPfd91p0akoXlDkE6:uhdYJva82UczngOWvqwC8jzfztPVJPfW

Malware Config

Extracted

Family

redline

Botnet

@Pr0xyBro

C2

77.90.22.45:15352

Signatures

  • RedLine payload (1 IoC)
  • Redline family
  • SectopRAT payload (1 IoC)
  • Sectoprat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 24b1454141362b9675b17e9d779c5c93.bin
    .zip

    Password: infected

  • a94af8234c234fb5e65dedcfb33823abfbbefd0f451bbbddd96b6fc455e4cfa1.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

