redline | 683c7f7cc55431509dc5436df28ff2b3ca82563025ce8a258fecfa700623908c[.]zip

General

Target

683c7f7cc55431509dc5436df28ff2b3ca82563025ce8a258fecfa700623908c.zip
Size

51KB
MD5

b13b8cc31726e0b725e321b3ca545e67
SHA1

c16b4e3b217d7f49dec1682926f0c55a42119e8f
SHA256

21caff50453e46fae78c4d684f24bb13ef8846d93659592b4c3cb9cba202a1cd
SHA512

8dca5ac062cc8e9b1e1d6aeeb2731181c91c9be5248fe3111b85a372eec903819ab13ef234a004b06142b4b793a9eae689373ecd8907846df4055711e7bfd5ef
SSDEEP

1536:LdouPTlWk9khAqTlF+wBqIKnRF/crbTIxRE:Ld3PJWkq5JF+wIL0rbGRE

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

683c7f7cc55431509dc5436df28ff2b3ca82563025ce8a258fecfa700623908c.zip
.zip

Password: infected
683c7f7cc55431509dc5436df28ff2b3ca82563025ce8a258fecfa700623908c
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ