redline | 2502b08f97adea87964fb9b201fbd0331494a4d49f88b0d2fb0422860f50c7b1[.]zip

General

Target

2502b08f97adea87964fb9b201fbd0331494a4d49f88b0d2fb0422860f50c7b1.zip
Size

51KB
MD5

4cc8087c21d4fbbd3ba8608cabe19e7d
SHA1

d3ae3f4ecde9e2435f6697500d0d74421ae5bc37
SHA256

a675e232cf4d7a7b301ced06f9ca6c892428f9cb94abe8e4fad5d2659a69eca1
SHA512

2e876fe3eb0a24ece6a92896ef03f38e603ee46bbc08541fe789721067dced397f4957615e0d89e59a1e0b88efe1ec971612e74307fc37d4d40641aa377030b7
SSDEEP

1536:RouPTlWk9khAqTlF+wBqIKnRF/crbTIx1:R3PJWkq5JF+wIL0rbG1

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

2502b08f97adea87964fb9b201fbd0331494a4d49f88b0d2fb0422860f50c7b1.zip
.zip

Password: infected
2502b08f97adea87964fb9b201fbd0331494a4d49f88b0d2fb0422860f50c7b1
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ