redline | ba500a72bf6c89ff854336db958b331d9f006020071c8073fa849c5e9abf6525[.]zip

General

Target

ba500a72bf6c89ff854336db958b331d9f006020071c8073fa849c5e9abf6525.zip
Size

50KB
MD5

531497a604b9ffe7d2e615a3a3dd0b2e
SHA1

d5e50b209af06158d652f290d83c94b40d1bf8a1
SHA256

1f671c4cc6827fa578972a3cf32f70ff7db9e4da424de09a49aefcd474275ab9
SHA512

e1b3d3b42eba82c81a195a5bf4cfe7ed82f356a3e152f737cbb8ed73109d9312ddcd43229bdfe087a4f76253cabbdabe9050d05ecb9f596ddc88104573c00999
SSDEEP

1536:nJYUNI97X4+7vcdIMPgbO7x8+8GHRtS0B5R:JYUNIJZY1Pg7B8tzJ

Score

10^/10

otraba redline

Family

redline

Botnet

otraba

C2

85.31.45.177:6218

Attributes

ba500a72bf6c89ff854336db958b331d9f006020071c8073fa849c5e9abf6525.zip
.zip

Password: infected
ba500a72bf6c89ff854336db958b331d9f006020071c8073fa849c5e9abf6525.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ