Insurgency Hack[.]rar

General

Target

Insurgency Hack.rar
Size

86KB
MD5

eab9a3efffb6d89cdef34d39bc3565ff
SHA1

49bd4b7c8b9f3a523a8ce4cae01c6df8388454d3
SHA256

c6b7b8efe1dac4afe3f4aa54312e2c311f417f34192ea5a5e9f9e378f2d42f08
SHA512

6c1879520d8d8046c4c538be254df4c42f2759dd285ea0586dec37bb7d41611fc9b78059c9deba99ff2f2b21b2225df7fae4c08850412df01979d980177dd4fd
SSDEEP

1536:ytoBHQQDIhrSPUDfaK7kytWK0rI5y/p5a37JS5reeWyNyo1:ytotQQDMrSPUbaKIy4vUy/poJS38o1

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tier0.exe
unpack001/tier0cheats-insurgency-2.0.dll

Files

Insurgency Hack.rar
.rar
instructions.txt
tier0.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tier0cheats-insurgency-2.0.dll
.dll windows x86

f448790743c5f8224b41a6f9d1b28c48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTickCount
CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

msvcr100

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
__CxxFrameHandler3
_CIsqrt
_CIsin
_CIcos
_CIatan
_crt_debugger_hook

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 245KB - Virtual size: 244KB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 512B - Virtual size: 12B

f448790743c5f8224b41a6f9d1b28c48

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr100

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 888B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 512B - Virtual size: 496B

.text
Size: 245KB - Virtual size: 244KB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 888B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 496B