Installers lpod[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Installers lpod.rar
Size

2.4MB
MD5

f643cf8f26fb02395283db9f4b50e685
SHA1

a713248640a4609d90ac365824a5041369dd35c4
SHA256

781c06a463580e4d83f5e30dc4a790edfdd7127837534909d25fe64963311366
SHA512

abd6b738344434505cf179672f4f5a1fde5ae3330bdcc33e0ff1df1d8adec0ef6fe199ccc686f51ca240c53ba1f5effe96e0d1e9f2b0e951f8fd0a4659cee55f
SSDEEP

49152:oWR7qsKK96pbLOWc/BLTd3gQrTaX7yOinJzq09xaX6e0LqDV1jW9Hd8j:oM7q9bya7CnJzq09IK2/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Installers lpod/InstallerW.exe

Files

Installers lpod.rar
.rar
Installers lpod/InstallerW.exe
.exe windows x86

Password: 2022

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

1"}8x
Size: 857KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ