redline | 82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a[.]zip

General

Target

82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a.zip
Size

51KB
MD5

08dc3ddd3ca414eda89cf526d8304770
SHA1

547e5464d156671399ebd6cf1bc6dc2b1f6b6d17
SHA256

73c6e9a0a78b974c66288fda01580bd4ffc5f08dcf18bb6c0e77598f10182ce1
SHA512

07134a873aa983f26798fd15e03dfb05e305a92ec3c3f7656f14f6786ece9cc87a0102b246d2a04bf0ecd11deac8d9579afed9310582c45b8b7dc4660ccaa2c7
SSDEEP

1536:VouPTlWk9khAqTlF+wBqIKnRF/crbTIx6:V3PJWkq5JF+wIL0rbG6

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a.zip
.zip

Password: infected
82813fc02973d1ffcb8d7f89f6d0e457db66cdbac8dd3d1a4b86fd6da96ca97a
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ