redline | 85da9804784541949eb5a2ec82c1310f6002a3e630108035a5d26498c22d35ff[.]zip

General

Target

85da9804784541949eb5a2ec82c1310f6002a3e630108035a5d26498c22d35ff.zip
Size

51KB
MD5

d242c060adfbc24363fc289eed0c59cc
SHA1

7f7dd6d90098e3f3c3563b5e81307ed4a19002f4
SHA256

3f99fdd56d9078245ac667304afdb7ccf84809cf47ae5eaadb1657de04173dba
SHA512

a5f1ebced7966397a15e17f0458211174ad63dc1689b3549516d81126eef791268c4173f6fa65b9523a3c2e24c6bdb9e3edba96fbfff691a1556ba538b11ad25
SSDEEP

1536:zouPTlWk9khAqTlF+wBqIKnRF/crbTIxs:z3PJWkq5JF+wIL0rbGs

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

85da9804784541949eb5a2ec82c1310f6002a3e630108035a5d26498c22d35ff.zip
.zip

Password: infected
85da9804784541949eb5a2ec82c1310f6002a3e630108035a5d26498c22d35ff
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ