redline | d74914a29cfa858cd9daba67a5dc89684f0403c8d2f20cd8456dc2031090d0bf[.]zip

General

Target

d74914a29cfa858cd9daba67a5dc89684f0403c8d2f20cd8456dc2031090d0bf.zip
Size

51KB
MD5

315064067fe9232f7cd69a026db6e675
SHA1

00836a05ddf25104c0040ac14a29c05f2236ec07
SHA256

57b343f7f0a1d53d76dc34e4190eb28b05501caf6293a4ac9e4e20c2332acea2
SHA512

b1cf6e132a8356b98be76c9ce52bb3a5b4386dbd4ef1ce6210a9cc8c0dcab6c9a238c32f5e9e292b607e927146b20741c3b2f4f217eb74f3111c5b8854e43de4
SSDEEP

1536:4ouPTlWk9khAqTlF+wBqIKnRF/crbTIxO:43PJWkq5JF+wIL0rbGO

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

d74914a29cfa858cd9daba67a5dc89684f0403c8d2f20cd8456dc2031090d0bf.zip
.zip

Password: infected
d74914a29cfa858cd9daba67a5dc89684f0403c8d2f20cd8456dc2031090d0bf
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ