redline | 2be8c5fefafdc9bd99f52c1357e1bc2a2d29934fd91b5d318b900cad1db4e35d[.]zip

General

Target

2be8c5fefafdc9bd99f52c1357e1bc2a2d29934fd91b5d318b900cad1db4e35d.zip
Size

51KB
MD5

8548f8ca88f08f3a119af73f2325c5ab
SHA1

9e0650b7d9fb3ee9626ac5ba9d8bbbb137570a4a
SHA256

2aeb0f0eb4cfed9afe1d471a78d31e226c2a077772873cbd02b04079d40128cf
SHA512

c5734fd18db06f1405c2199f11ac2fa49f3b4475f3aebb7fd06f8adae0cb978b23887fc433dbbe59f6c90db3a47930df92cd70f5dccb1401fd9e7ef637cf9719
SSDEEP

1536:pouPTlWk9khAqTlF+wBqIKnRF/crbTIxe:p3PJWkq5JF+wIL0rbGe

Score

10^/10

nado redline

Family

redline

Botnet

nado

C2

176.113.115.145:4125

Attributes

2be8c5fefafdc9bd99f52c1357e1bc2a2d29934fd91b5d318b900cad1db4e35d.zip
.zip

Password: infected
2be8c5fefafdc9bd99f52c1357e1bc2a2d29934fd91b5d318b900cad1db4e35d
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ