redline | d4582e0e41e3006e990aad902fd01aaa8eb4e9cd3df7bd556abd1c31ca21bbf9[.]zip

General

Target

d4582e0e41e3006e990aad902fd01aaa8eb4e9cd3df7bd556abd1c31ca21bbf9.zip
Size

51KB
MD5

5c17e3d5fffc49bcd31873a2961f625c
SHA1

579b9842fe315f3fccba8c11f69a2b09e4ca3ca9
SHA256

94aa742654cd263288917d00942bef900c5d4f8067d0a1aafed8e6fdc30c6626
SHA512

db9763741ec43b1cdc73414f154582b61937879af7a70d868403d6fe8bf233cdc3323e3af05d688a422cbe9ef25aa58ea52213e7d228374bc23ec085cdb69eb6
SSDEEP

1536:6ouPTlWk9khAqTlF+wBqIKnRF/crbTIxm:63PJWkq5JF+wIL0rbGm

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

d4582e0e41e3006e990aad902fd01aaa8eb4e9cd3df7bd556abd1c31ca21bbf9.zip
.zip

Password: infected
d4582e0e41e3006e990aad902fd01aaa8eb4e9cd3df7bd556abd1c31ca21bbf9
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ