General

  • Target

    729a18396d223d572bc1be314969a0cb5bb_JC.exe

  • Size

    172KB

  • MD5

    09c157f9647f8b0d434b38d7eadb8b10

  • SHA1

    e93dcdbab46003f7d06914125990874736f659fa

  • SHA256

    729a18396d223d572bc1be314969a0cb5bb01e7dae5c5d1b429ed421c82b1394

  • SHA512

    0987a87aacb2714ff0537dd192c34d3d8145a878acf5fcc81b16cd6f1d1d0eee4a822884aafe91bdb2e8c7cffe9d83a16da0dfb3fd442505d5cad3ed3e653268

  • SSDEEP

    3072:lvnrZuzNeB6ng8mxNky0zWPsGTT8e8hI:lnX6g89JmsGTT

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

@LJAGYXA

C2

94.142.138.4:80

Attributes
  • auth_value

    9aec37c9a7a88796e19438759b1463d3

Signatures

  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 729a18396d223d572bc1be314969a0cb5bb_JC.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

