redline | a295ff4b238dbfc15de12f6279bd563159e9710726e0662f52a2e129e379404a[.]zip

General

Target

a295ff4b238dbfc15de12f6279bd563159e9710726e0662f52a2e129e379404a.zip
Size

51KB
MD5

48f441b406bdb33f95758843aeee0481
SHA1

441069d0a5a2a72a938a8b5b41b67f322d7a28a8
SHA256

57f9ad63fa505218a993566020227819eaa557dfecc5854e5ed92ad5854afa76
SHA512

0391b088d0f8a3ac240fd759844f46c87ec0e4a71d65450dda1a3fb2ac6f9c52f8bddc3532950897b8e012e5d680a566b5c040414247afac1fb000bca8296499
SSDEEP

1536:rouPTlWk9khAqTlF+wBqIKnRF/crbTIxT:r3PJWkq5JF+wIL0rbGT

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

a295ff4b238dbfc15de12f6279bd563159e9710726e0662f52a2e129e379404a.zip
.zip

Password: infected
a295ff4b238dbfc15de12f6279bd563159e9710726e0662f52a2e129e379404a
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ