redline | 002bd4c3a43b4d1a6d001681921d0b2022612f3f253c9799b8d37e2a7d04aa37[.]zip

General

Target

002bd4c3a43b4d1a6d001681921d0b2022612f3f253c9799b8d37e2a7d04aa37.zip
Size

51KB
MD5

c4cb61546b4b64950c53f88268a1cea7
SHA1

f79bacfec0ec15f38617b2eec720e6e805e769a3
SHA256

971eb176547ae37889832661d42b32a2847965b99d380a202e31b06b02daa66e
SHA512

17f3678e09e16ebd6e67081a431a54f0a22092a9d6a408bb7f8e8644e388bbed854a7183f05878d7b33576f49f85b9c85e0775c3ef1a1dc48d3c9930a3dfb43f
SSDEEP

1536:eTU2C1KW+X1pX20w6Q7mwOxaurbncg+AU+s0jDbBc8T:eAr1R+l85U4urb3++DbBh

Score

10^/10

renta redline

Family

redline

Botnet

renta

C2

176.113.115.145:4125

Attributes

002bd4c3a43b4d1a6d001681921d0b2022612f3f253c9799b8d37e2a7d04aa37.zip
.zip

Password: infected
002bd4c3a43b4d1a6d001681921d0b2022612f3f253c9799b8d37e2a7d04aa37
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ