mod mеnu gtа5[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

mod mеnu gtа5.rar
Size

17.3MB
MD5

fa74a94af160ae0ddeb4bd963414cf65
SHA1

4b36265ec9f56fd65ee5ee6a499028966f3007e7
SHA256

b56e5976062c8f4642bb1d3165d63795ec9ff5cc39f8bd726f824c70d021706e
SHA512

cff2271b05db8e551628f4965d2712f7d157d9e8cb306dc9282346080e17fd9c40fdf4ed42a60dd3a72d954246d8a7a2c1f61d91b0f9c2c5e609e0f9a8f8a33f
SSDEEP

393216:cRGVbMtlOulKRLUf+j4sEnbdfeUibAjm6:sObfqKtUfNsEnZGUiEjZ

Score

7^/10

themida agilenet

Malware Config

Signatures

Obfuscated with Agile.Net obfuscator 1 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

resource	yara_rule
static1/unpack001/mod menu gtа5/modest-menu.exe	agile_net

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/mod menu gtа5/V2/modest-menu_protected.exe	themida

Files

mod mеnu gtа5.rar
.rar

Password: 2022
mod menu gtа5/Readme.txt
mod menu gtа5/V2/config.json
mod menu gtа5/V2/modest-menu_protected.exe
.exe windows x64

Password: 2022

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 833KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 68KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 448B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 19.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
mod menu gtа5/V2/scripts/Readme.api
mod menu gtа5/V2/scripts/demo.lua
mod menu gtа5/V2/scripts/sirius.lua.example
mod menu gtа5/V2/scripts/vehicle.lua
mod menu gtа5/V2/scripts/weapon.lua
mod menu gtа5/V2/themes.json
mod menu gtа5/config.json
mod menu gtа5/modest-menu.exe
.exe windows x86

Password: 2022

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu gtа5/scriрts/3345.txt
mod menu gtа5/scriрts/Readme.api
mod menu gtа5/scriрts/binkawin.asi
.dll windows x86

Password: 2022

eb47f3eba69cd506a684fe741aa6a115

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorPos
MessageBoxA

kernel32

DisableThreadLibraryCalls
TerminateProcess
GetCurrentProcess
GetTickCount

Exports

Exports

_RIB_Main@20

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK_acd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK_fft
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKDATA
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKCONS
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BINKDATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu gtа5/scriрts/demo.lua
mod menu gtа5/scriрts/menu.lua
mod menu gtа5/scriрts/sirius.lua.example
mod menu gtа5/scriрts/vehicle.lua
mod menu gtа5/scriрts/weapon.lua

Sharing

General

Malware Config

Signatures

Files

Password: 2022

Password: 2022

Headers

DLL Characteristics

File Characteristics

Sections

Size: 833KB - Virtual size: 1.6MB

Size: 68KB - Virtual size: 160KB

Size: 448B - Virtual size: 16KB

Size: 23KB - Virtual size: 34KB

Size: 1KB - Virtual size: 7KB

.imports Size: 1KB - Virtual size: 4KB

.rsrc Size: 34KB - Virtual size: 34KB

.themida Size: - Virtual size: 19.5MB

.boot Size: 12.7MB - Virtual size: 12.7MB

Password: 2022

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rsrc Size: 162KB - Virtual size: 161KB

.reloc Size: 512B - Virtual size: 12B

Password: 2022

eb47f3eba69cd506a684fe741aa6a115

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

BINK_acd Size: 4KB - Virtual size: 4KB

BINK_fft Size: 24KB - Virtual size: 23KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 336B

BINKDATA Size: 1024B - Virtual size: 600B

BINKCONS Size: 512B - Virtual size: 4B

BINKDATA Size: 10KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 714B

.imports
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 34KB - Virtual size: 34KB

.themida
Size: - Virtual size: 19.5MB

.boot
Size: 12.7MB - Virtual size: 12.7MB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rsrc
Size: 162KB - Virtual size: 161KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 11KB - Virtual size: 10KB

BINK_acd
Size: 4KB - Virtual size: 4KB

BINK_fft
Size: 24KB - Virtual size: 23KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 336B

BINKDATA
Size: 1024B - Virtual size: 600B

BINKCONS
Size: 512B - Virtual size: 4B

BINKDATA
Size: 10KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 714B