redline | 788eeedb1ff468efbc7685c5770b92b5fcf1f92c9b3826ef33aa2d14bffb59ee[.]zip

General

Target

788eeedb1ff468efbc7685c5770b92b5fcf1f92c9b3826ef33aa2d14bffb59ee.zip
Size

51KB
MD5

3ca805c8e744a11a917ee820ae325a89
SHA1

fdc90e43a6a718b26bf58ad3c3a0309742e4bbbb
SHA256

f54518a95e80fec57b8cd1d2eb39fe9a122548a947cc32d4e598e3cfb88d0a33
SHA512

efd9f77ac4ab390adaf61e085851c0c9523b0ecf69223c0d0e932c87ee1d9e93830ba4f2bc3302055070c6a942f5336daed0148c1874c334fcdc021ce2edbb76
SSDEEP

1536:SouPTlWk9khAqTlF+wBqIKnRF/crbTIxC:S3PJWkq5JF+wIL0rbGC

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

788eeedb1ff468efbc7685c5770b92b5fcf1f92c9b3826ef33aa2d14bffb59ee.zip
.zip

Password: infected
788eeedb1ff468efbc7685c5770b92b5fcf1f92c9b3826ef33aa2d14bffb59ee
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ