redline | 15ed1add8885dbe70a00fd87531b726175ead1ae09711a8b08df1993431beebe[.]zip

General

Target

15ed1add8885dbe70a00fd87531b726175ead1ae09711a8b08df1993431beebe.zip
Size

51KB
MD5

20bede957257b43e5c5950a153a229c7
SHA1

adbea694c46150707e7b94227aa495e459c1ada2
SHA256

291be8418ff9406b8d99225ce9678a037ac8eecc4413135068fd0c671bac4b1c
SHA512

3a41979bc99dcb2c04123333e49f3fd09b53c5b12eacfa73ab99e50c427c55d82f7852677a1f76ffe01935548fd9c01eb89654846bc3c123d84e0b24ddda24e6
SSDEEP

1536:DouPTlWk9khAqTlF+wBqIKnRF/crbTIx7:D3PJWkq5JF+wIL0rbG7

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

15ed1add8885dbe70a00fd87531b726175ead1ae09711a8b08df1993431beebe.zip
.zip

Password: infected
15ed1add8885dbe70a00fd87531b726175ead1ae09711a8b08df1993431beebe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ