General
Target: Token Checker.rar
Size: 18.0MB
MD5: 04856b7faf67719525d880ebd86c00a6
SHA1: 5321a37212e053d04fbf932a63b6d0d72ccb3310
SHA256: 3bed3c4af3bd3309d1fecfc06c9a3a5b9edc307bc829166100cba43a77729ac4
SHA512: 7fdcbc9d2f2ecc986db571fb110121ef774cc1b193c31e1ccecfe290f102536576fbccb09352e0340959a21e860f0b0c2e42c66896ad97f0c8e54262061e2dc7
SSDEEP: 393216:5hdHDGOHZ17UEAenXw8GQokLInXUnH/8LyNqMNeTLanj0SLkEcCL/vcFByrcSLu/:5fjGO517BAenXwzQjc+UeNpNnjfLkEcd
Malware Config
Signatures
-
RedLine payload 1 IoCs
resource: static1/unpack001/Token Checker/Token Checker By Spring.exe, yara_rule: family_redline
Redline family
-
Detects Pyinstaller 1 IoCs
resource: static1/unpack001/Token Checker/Token Checker By Spring.exe, yara_rule: pyinstaller
Files
-
Token Checker.rar
Password: 111
-
Token Checker/Token Checker By Spring.exe (windows x86)
Password: 111
cd74c16e19de02339ba1d593de4c426e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord666
ord594
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord713
ord606
ord716
ProcCallEngine
ord537
ord570
ord100
ord617
ord619
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 732B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Token Checker/Tokens.txt
-
Token Checker/proxies.txt