redline | d92ac801e20616e6625f31848b277c2ba2979404ee7a5065e20c1f316083bd32[.]zip

General

Target

d92ac801e20616e6625f31848b277c2ba2979404ee7a5065e20c1f316083bd32.zip
Size

51KB
MD5

9a27c66a31ed5cc3180d9a31736475e2
SHA1

eb20b370241b1c24cc32c8d47a063415c1598cc5
SHA256

e437f226a0e5e0ba5d3925ab6695ba5ae72ded0c8aed6dbc09b6d7bd8eea6c24
SHA512

09cc8f28ab6828f138d72ab4e04483ae0fb56b12cc9a6e65ac42a10ebc9ed16232b8321afc1a35c86dabc25173edeb7647c115d3d1b717fa53eeb43de5713ede
SSDEEP

1536:XouPTlWk9khAqTlF+wBqIKnRF/crbTIxs:X3PJWkq5JF+wIL0rbGs

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

d92ac801e20616e6625f31848b277c2ba2979404ee7a5065e20c1f316083bd32.zip
.zip

Password: infected
d92ac801e20616e6625f31848b277c2ba2979404ee7a5065e20c1f316083bd32
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ