redline | f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f[.]zip

General

Target

f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f.zip
Size

51KB
MD5

7081eb80fb221305cb9d11382f8b4657
SHA1

c08ba351132fdf136ac16a9bf4df889e0a915de5
SHA256

6eb1e23430242d3d44d97b482d0247b5c26c8d32ca06ad29d2ca5e6a78d68163
SHA512

773cc5395c007bda794902b5a122dec4fd298bd52a206c93eb17105b27779dc91e61dd7128a6e9f8455fa5dbd9c18459abe7127fa5700d7d38b5c808512eec9f
SSDEEP

1536:5gKh5645RT/D6532Q8zxvZTKmda5IX0H8CM7fs6a8vLNAHv4JC:5gKh564njDKGQ8zLNdS78uIZIQU

Score

10^/10

vila redline

Family

redline

Botnet

vila

C2

193.233.20.33:4125

Attributes

f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f.zip
.zip

Password: infected
f7695ff94e1061c70f159dfc5912a39418349df058edd331bd76430847d0972f
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ