redline | 94f714bf9c785b7f4f124b2d3fb310b07fef536c0c503da7c3335b7695e471bd[.]zip

General

Target

94f714bf9c785b7f4f124b2d3fb310b07fef536c0c503da7c3335b7695e471bd.zip
Size

51KB
MD5

ef92ecc753dc3e2a5c2c493fc080a4c0
SHA1

f3710168c50901d0aa83a57b4c4375f67b644cdc
SHA256

2d10e06bf691cc9e84f9e7e30fb6418b77b276d193fb328c4d39f97edd9b8e39
SHA512

09de298215620bd5a2412cfbacb96ef7659a4c355b38729e24d1f51c1350ab7c646b166c3b5254f0b6d605e2600d946c26b419649c6426a1da335cba31a17ac1
SSDEEP

1536:youPTlWk9khAqTlF+wBqIKnRF/crbTIx2:y3PJWkq5JF+wIL0rbG2

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

94f714bf9c785b7f4f124b2d3fb310b07fef536c0c503da7c3335b7695e471bd.zip
.zip

Password: infected
94f714bf9c785b7f4f124b2d3fb310b07fef536c0c503da7c3335b7695e471bd
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ