Overview

overview

10

Static

static

10

56fa3bc096...6N.exe

windows7-x64

10

56fa3bc096...6N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56fa3bc096b52f5cb37f2987c61ccbd7161c009e81a95c72ed196d87fd8f1e96N.exe

  • Size

    1.1MB

  • MD5

    9f30f28a1c7046b8c571d1079b9d7ad0

  • SHA1

    7960f0def1260e15044bab06a2eb02cf91884259

  • SHA256

    56fa3bc096b52f5cb37f2987c61ccbd7161c009e81a95c72ed196d87fd8f1e96

  • SHA512

    261f031912a6f0759e57302447509962df9c2922496d5cd458fe74bb6518201f513e68e05210bcb3f904983c84b7783787806c4d3fdefbf184ced66918d4912d

  • SSDEEP

    12288:4MSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G75V9gB+FT+ucrj:4nsJ39LyjbJkQFMhmC+6GD96y0X

Score
10/10
xred

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Signatures

  • Xred family
    xred
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 56fa3bc096b52f5cb37f2987c61ccbd7161c009e81a95c72ed196d87fd8f1e96N.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections