redline | 4628817b0db3ec6ba520d7fde57f56cfa5acfa070e5e951447c437d0ffea4c0d[.]zip

General

Target

4628817b0db3ec6ba520d7fde57f56cfa5acfa070e5e951447c437d0ffea4c0d.zip
Size

51KB
MD5

8f224f595f93a9babb96e293093cc8d3
SHA1

1799d2dd99d46b54a663be3fe77f778f39fd85eb
SHA256

3c507049936fbd883030171a3d1ff42d77d1ef1e91e5b39742f5e77ea2a83ae5
SHA512

1822ada6ca8ede7dbab93894d19ba6b5425ab80bd785364bd903833b733a7c821cc50f01d273d436b0a3a4532f5036529ed9dcb138878eeea8a9764b93ee1191
SSDEEP

1536:5ouPTlWk9khAqTlF+wBqIKnRF/crbTIxh:53PJWkq5JF+wIL0rbGh

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

4628817b0db3ec6ba520d7fde57f56cfa5acfa070e5e951447c437d0ffea4c0d.zip
.zip

Password: infected
4628817b0db3ec6ba520d7fde57f56cfa5acfa070e5e951447c437d0ffea4c0d
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ