redline | a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd[.]zip

General

Target

a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.zip
Size

130KB
MD5

37ff982cab67e09853fed83193320549
SHA1

f472d9a2b4f039cc6240cff9332aa26ab8d7bc0c
SHA256

7492380e2ce0aa0eb48e74fbea75227057fdc264a6540327cdb1689c5d49f18c
SHA512

4ef76098b5d447122427e465c0d29975bd335220bb38dd8273ecf3cfa5e3aa4a438b71f7190eca4fbd0c170ae48a252c2746cd28df6912cf4a47b581fdb3d74f
SSDEEP

3072:2orhzoS8Md/vvc3O5Vh7tsEgrXKIaFOnrkWbum/b9n3YvYFlDOBJS:2oVzYMdU4VvVIegcm/blYvcmJS

Score

10^/10

amazon redline

Family

redline

Botnet

amazon

C2

185.156.72.48:26464

Attributes

a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.zip
.zip

Password: infected
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ