redline | 9ea1b30aa5a0454493960ef68689558e787a1dbc371d08c867d56ac18301152b[.]zip

General

Target

9ea1b30aa5a0454493960ef68689558e787a1dbc371d08c867d56ac18301152b.zip
Size

51KB
MD5

18e137cc5f2fa23aeb32a8e55820793a
SHA1

82effb3209c961766b15b90ba406eddae9a8ae3e
SHA256

7120d4b576e22cbf73721e7b4d1ff168465ca4c916037fd7e47fd2aa396c369c
SHA512

94842a2a23c2928c550839082ffaa2a00bdb4bd92b8733f1258f750704117a52baa1b5e5ce1d70f462786fedf327d1aa866eca15cf6f248c0c9fe9dd1cd153a4
SSDEEP

1536:mTU2C1KW+X1pX20w6Q7mwOxaurbncg+AU+s0jDbBc8S:mAr1R+l85U4urb3++DbBY

Score

10^/10

renta redline

Family

redline

Botnet

renta

C2

176.113.115.145:4125

Attributes

9ea1b30aa5a0454493960ef68689558e787a1dbc371d08c867d56ac18301152b.zip
.zip

Password: infected
9ea1b30aa5a0454493960ef68689558e787a1dbc371d08c867d56ac18301152b
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ