redline | c5e7b8cc508292f2dc7a9e3061c322f8dbd05f0c5f3118326ac4b3e09bc06202[.]zip

General

Target

c5e7b8cc508292f2dc7a9e3061c322f8dbd05f0c5f3118326ac4b3e09bc06202.zip
Size

51KB
MD5

8e3d900b3712d09909c33543547c284c
SHA1

c2f23811801e32242efc366dd7a36a46e84bfa7d
SHA256

ea7a1a76bfa12a75e2406c896fea09905f42ce3bbf1b18670aa093ee632c607e
SHA512

8f74968edcfe93dc41f7e7acdad28f97bff9962f56d6e11670f39caee5a5def3dceac67abafc5f58ec511be0bb406c43bb8a79021146761d032d7f2577af77aa
SSDEEP

1536:pouPTlWk9khAqTlF+wBqIKnRF/crbTIxD:p3PJWkq5JF+wIL0rbGD

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

c5e7b8cc508292f2dc7a9e3061c322f8dbd05f0c5f3118326ac4b3e09bc06202.zip
.zip

Password: infected
c5e7b8cc508292f2dc7a9e3061c322f8dbd05f0c5f3118326ac4b3e09bc06202
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ