KeNET-RUNONAVM[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KeNET-RUNONAVM.zip
Size

3.2MB
MD5

2f2c8fa49d9eb04501bf06a32c09eb87
SHA1

33d74b7e0abcf35a21864a55533ad1cdacccffe3
SHA256

2477fce4b3fc4ed5ffc8a47510fc08e3f26b3425cc87eab7d97617bbaab7aeee
SHA512

0b73a9c2a7d0091aea620fe37ff4ef87cb4622d761a55f90b86c8625ee74bc40574c5dd1eadf2904f7e42d61476c1630d48ca5f0e1d57a795925a2ff55ff77e1
SSDEEP

98304:GGukz/ZWDemTNZNwER2DKnW/nThCg3LyDcqD9u+SJDQT:vZ0DemTZwEKKWfUg7gcQiJq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KeNET-RUNONAVM/Panel.exe

Files

KeNET-RUNONAVM.zip
.zip
KeNET-RUNONAVM/Newtonsoft.Json.xml
.xml
KeNET-RUNONAVM/Panel.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KeNET-RUNONAVM/Panel.exe.config
KeNET-RUNONAVM/System.Diagnostics.DiagnosticSource.xml
.xml
__MACOSX/._KeNET-RUNONAVM
__MACOSX/KeNET-RUNONAVM/._Newtonsoft.Json.xml
__MACOSX/KeNET-RUNONAVM/._Panel.exe
__MACOSX/KeNET-RUNONAVM/._Panel.exe.config
__MACOSX/KeNET-RUNONAVM/._System.Diagnostics.DiagnosticSource.xml