Characteristics
Hash | Hash Value |
---|---|
MD5 | 348912a5141a6494e23ac40426deae91 |
SHA1 | 996b878ff2e14adcd4c1ee07e796f56ccb7d7f1b |
SHA256 | f59d1974bccec9907d6a0c5406326bd5c75a65b12179f99a4ad288dca0175f95 |
SHA384 | f6fd8895640049dc3634eb76c4409cf9ae09f44faf312ce7a6cb530e7b0181c3b5df2bd164792ebf9eca17b116c58a73 |
SHA512 | 96bc8301f191d2882506f66d396ed60fb8fda861316f2de7a9ce5a78ed9b954c5dabf4d548a8ca0d19157ed9b963c73d2b75074fcf494b4313b85ac6cc6c5d0f |
SSDeep | 1536:y7/XsLopVa4luZRjD0cSW5BtVQDCkap6w3ntdRkyKabuYq/SbDEiYUSasYUATzU4:y7/cmax30PW7Rp6w3nnRbLnHZSPYUyf |
TLSH | 51C3129D109BF2967D539E35E266A21A0DFF0448EE0BF3CE9197D7ADBF0BA0C4425046 |
File Structure
e9aa0b4540115b3dcec3af70b6de27e54e4a0fa96d1d3cb33bac121d804c1d61.zip (Zip Archive)
  Tags: Executable, PE (Portable Executable), RAT, Stealer, Malicious, RedLine Stealer, RECORDSTEALER
  e9aa0b4540115b3dcec3af70b6de27e54e4a0fa96d1d3cb33bac121d804c1d61.exe (Archive Entry)
    Tags: Executable, PE (Portable Executable), Win32 Exe, x86, RAT, Stealer, Malicious, RedLine Stealer, RECORDSTEALER
    Structure
      DosHeader
      PE Header
      Optional Header (x86)
      Section Headers: .text, .rsrc, .reloc
      Resources
        RT_ICON: ID 0001, 0002, 0003, 0004, 0005, 0006 (language ID 0 each)
        RT_GROUP_CURSOR: ID 7F00 (language ID 0)
        RT_VERSION: ID 0001 (language ID 0)
        RT_MANIFEST: ID 0001 (language ID 0)
Malware Configuration - RedLine Encoded Config.
The IP and ID values are stored as base64(XOR(base64(plaintext), Key)), with Key repeated across the buffer. The Key is stored in the clear alongside them, so the strings decode statically without any runtime material; the Message field is empty in this build.
Config. Field | Value |
---|---|
[Configuration Module Name] | Arguments |
[Configuration Module Full Name] | Arguments |
IP | Cx41WSsDO1g/DjZaJQ0tCik3Cz4FMC8e |
ID | Cx41XigvOBAqMz0HMz8tTg== |
Message | |
Key | FJdjgijisdgjigdsgsd |
Version | 0 |
Malware Configuration - RedLine Decoded Config.
Config. Field | Value |
---|---|
[Configuration Module Name] | Arguments |
[Configuration Module Full Name] | Arguments |
IP (C2) | 147.45.44.224:1912 |
ID | 1488Traffer |
Key | FJdjgijisdgjigdsgsd |
Version | 0 |
Analyzed archive: e9aa0b4540115b3dcec3af70b6de27e54e4a0fa96d1d3cb33bac121d804c1d61.zip (119.15 KB)
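The decoded table above can be reproduced from the encoded one with nothing but the Key field. The decoder below is an added example, not this report's or the sandbox's own extractor: it takes the IP, ID, Message and Key strings printed on this page as constructed input, reverses the base64 / XOR / base64 layering, and re-encodes the result to confirm the scheme is symmetric. The handling of several C2 addresses joined with "|" is an assumption about RedLine builds that carry more than one C2 and is not exercised by this sample, which has a single address.

```python
import base64

# Constructed from the values in the config tables on this page.
KEY = "FJdjgijisdgjigdsgsd"
ENCODED = {
    "IP": "Cx41WSsDO1g/DjZaJQ0tCik3Cz4FMC8e",
    "ID": "Cx41XigvOBAqMz0HMz8tTg==",
    "Message": "",
}


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key across the whole buffer."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def redline_decode(value: str, key: str) -> str:
    """base64 -> XOR(key) -> base64 -> plaintext. Empty fields stay empty."""
    if not value:
        return ""
    inner = xor_bytes(base64.b64decode(value), key.encode())
    return base64.b64decode(inner).decode("utf-8")


def redline_encode(plaintext: str, key: str) -> str:
    """Inverse of redline_decode; used to check the scheme round-trips."""
    if not plaintext:
        return ""
    inner = base64.b64encode(plaintext.encode("utf-8"))
    return base64.b64encode(xor_bytes(inner, key.encode())).decode("ascii")


def decode_config(encoded: dict, key: str) -> dict:
    """Decode every string field of an extracted RedLine config."""
    return {name: redline_decode(val, key) for name, val in encoded.items()}


def parse_c2_list(ip_field: str) -> list:
    """Split the IP field into (host, port) pairs.

    Assumption (not shown by this sample): builds with more than one C2
    join the host:port entries with '|'.
    """
    out = []
    for entry in filter(None, ip_field.split("|")):
        host, _, port = entry.rpartition(":")
        out.append((host, int(port)))
    return out


if __name__ == "__main__":
    cfg = decode_config(ENCODED, KEY)
    for name, val in cfg.items():
        print(f"{name:8} {val!r}")
    print("C2:", parse_c2_list(cfg["IP"]))
    # Re-encoding must give back the exact strings from the report.
    for name, val in cfg.items():
        assert redline_encode(val, KEY) == ENCODED[name], name
```

Running this against the page's values prints the C2 endpoint 147.45.44.224:1912 and the build ID 1488Traffer, and the round-trip check passes because the .NET base64 output the sample embeds is canonical. The same decoder applies to any RedLine config where the Key field is recovered alongside the encoded strings.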