redline | 4aae54cfd4c23acc9684a9b8c6fe6555080fe26f13c42869281b76f6a717383a[.]zip

General

Target

4aae54cfd4c23acc9684a9b8c6fe6555080fe26f13c42869281b76f6a717383a.zip
Size

51KB
MD5

5e1278bb728d682e75f8f480904eb56e
SHA1

6a19a15180bafcdb0f3322e1527385ca3ec576ac
SHA256

c632f7312773111221f87f71f014e2f108d89fb5d8ca8c688c75b99ebed19f5c
SHA512

6575195900e16c5a6f7ad67bcb7eaa4b66063c447d7dda3547fae1b859fb09f3c3910b8d6a3a4c5acc0fbf7317ff4c0cfc9eb94d02c61e2f371d2e7d18f071c3
SSDEEP

1536:RouPTlWk9khAqTlF+wBqIKnRF/crbTIxE:R3PJWkq5JF+wIL0rbGE

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

4aae54cfd4c23acc9684a9b8c6fe6555080fe26f13c42869281b76f6a717383a.zip
.zip

Password: infected
4aae54cfd4c23acc9684a9b8c6fe6555080fe26f13c42869281b76f6a717383a
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ