redline | 894d5a503f396781b73bb0977eb46bab4086a47a55c19da878a147b8c2cb584e[.]zip

General

Target

894d5a503f396781b73bb0977eb46bab4086a47a55c19da878a147b8c2cb584e.zip
Size

52KB
MD5

420df68ea5eaa05bee39f6fab20ddf8d
SHA1

cb06c393dac2ce8065589cc03e1c653b45539a0e
SHA256

ba81da922c3992ea26f0f5f772182c864a3f1a49e0400c96d14930dc8ff0e7cc
SHA512

a25c480803295c5e7355d68fc73ec132f7c6a67abf904df98b68af62e4c9424429e7ec0e0cc67741f658d39e5f93f3399152a11342feeb5ed65fff988f3ca7be
SSDEEP

768:+ScbO5rmxPIz0NEXp7m8TRvaziNIJt26OwHiTt6ldEdSQpylK3W06reSeINHfshw:5A413TRyzDH5Titwe32eIShi7Ioz

Score

10^/10

mixer redline

Family

redline

Botnet

mixer

C2

185.161.248.75:4132

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/894d5a503f396781b73bb0977eb46bab4086a47a55c19da878a147b8c2cb584e

894d5a503f396781b73bb0977eb46bab4086a47a55c19da878a147b8c2cb584e.zip
.zip

Password: infected
894d5a503f396781b73bb0977eb46bab4086a47a55c19da878a147b8c2cb584e
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ