General

  • Target

    d398b8b3d9610600e8613dd537e70a98.bin

  • Size

    14.2MB

  • MD5

    d398b8b3d9610600e8613dd537e70a98

  • SHA1

    22871b487f334a53eee8399f41d0e2ada796431e

  • SHA256

    1cc7c5968d8bb64fb741c13772986779834eca8293d230cd88aa305c304e89c2

  • SHA512

    10808ff2f1e0385b2de9cd710fdbebb01b8d0be62d9c5da710cd3e06e7d878a6214569969d3091eda12b7ad4d3d45168de28cd5b4664596ca5cc5d8cf055947c

  • SSDEEP

    393216:6C+VjBgl/RQtHqPdmH9+eXcPt0w8da+/DBYVnAwDGqoc83/t77U6BClF:6ljBgRRQN9Tcr8IwtYRQZ/gT

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d398b8b3d9610600e8613dd537e70a98.bin
    .zip

    Password: infected

  • modest-menu_v0.9.10/config.json
  • modest-menu_v0.9.10/modest-menu.exe
    .exe windows x64

  • modest-menu_v0.9.10/scripts/Readme.api
  • modest-menu_v0.9.10/scripts/demo.lua
  • modest-menu_v0.9.10/scripts/sirius.lua.example
  • modest-menu_v0.9.10/scripts/vehicle.lua
  • modest-menu_v0.9.10/scripts/weapon.lua
  • modest-menu_v0.9.10/themes.json