redline | e48c26a383da1a6bdd1c15abdc56c3fc150e72790a6cb93c6efbbe16d06d4663[.]zip

General

Target

e48c26a383da1a6bdd1c15abdc56c3fc150e72790a6cb93c6efbbe16d06d4663.zip
Size

51KB
MD5

0f56fa056d52fc07d0c298f52dc7d6dd
SHA1

b2acca239a55b2c860f39ace47b247265671ab26
SHA256

b2909e5c097219a77006e2f73273e9c1ace7b721eb96803e528178f2495e0c68
SHA512

2546eb1ce6659beb8b452fc3f2c85b516869dbb82c18cdbf5de40ce2fdb33ae8b646809ea14c777151c7c9a99ef9cc382224867c17d2d0ac6923965620ad3f01
SSDEEP

1536:YouPTlWk9khAqTlF+wBqIKnRF/crbTIxI:Y3PJWkq5JF+wIL0rbGI

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

e48c26a383da1a6bdd1c15abdc56c3fc150e72790a6cb93c6efbbe16d06d4663.zip
.zip

Password: infected
e48c26a383da1a6bdd1c15abdc56c3fc150e72790a6cb93c6efbbe16d06d4663
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ