General

  • Target

    b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30

  • Size

    297KB

  • MD5

    5d860e52bfa60fec84b6a46661b45246

  • SHA1

    1259e9f868d0d80ac09aadb9387662347cd4bd68

  • SHA256

    b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30

  • SHA512

    04ea5757d01508a44e0152b3aa78f530908da649d59b8ce7ee3e15c2d4d0314c97f346c1e79b1810edb27165d04781c022937d02536dc9b1dd4c55f023a47701

  • SSDEEP

    3072:WqFFrqwIOGdTypEmz07sFPaF16CVyeR+LhdwT5TZMfvgZcZqf7D34NeqiOLCbBOy:tBIOG6hPPLd05TZaYcZqf7DI3L

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

AMA

C2

185.215.113.67:40960

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b4a1e470f814bbcf1bc26c087eb513f4bab6165c90ecf43ac71dd87702561c30
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections