rookie_2[.]19_portable[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rookie_2.19_portable.zip
Size

572KB
MD5

3cab189075eaeec5c4cf28ed07c30c80
SHA1

a23a2fac91e78fe88eba6c96cd6a98ce5ad99385
SHA256

005404b47ecdae1f3af3274d104acd55dd2eaf6c5f90f49315ecee88e4ffbe7b
SHA512

3bd578917d630d36c13be4022dee10cff6603d4b0fad991e6b8a7a0bb9faeafef7970d66e1a68d9340de01024288acecdc5292460bff191d4d2665a4cd8af14c
SSDEEP

6144:hbHMDoKr3ZkdeQCcnEIqd64F/J+UpLsMzFDw/milhESb/NB5vi2lD9vlghWiyefa:hsnZgXK6UrpJFwN1jM4ZtghWkgA1Ol5H

Score

1^/10

Malware Config

Signatures

Files

rookie_2.19_portable.zip
.zip
AndroidSideloader v2.19.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 795KB - Virtual size: 794KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rookie Offline.cmd