pkg_miner[.]7z | Triage

Sharing

General

Target

pkg_miner.7z
Size

105KB
MD5

3db2682db1fa745c47c599239a4b2b9a
SHA1

64d261f7d290a7e936be468d9be2ee0b4a9b5c2c
SHA256

a1f2a86c3befae5a3779fc462419a8ad10b17e21bd0a4cd99dd293bd23a6ea6c
SHA512

39615446cd59592fd21dbe2a11465813e4d489a664326b6bbc4ab2fac766d5e1cc4dc1290c8328dec63125411b127a92afd3ce9a68fd4319964cede8b1323bc9
SSDEEP

3072:Xt9JqQUKZRNOMfDATdtm++e/8vrewuygLTpP1c:XJBUmNpfDyHmxeUHgLTvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/B9D1CB424E024972BD96EF67E54C5C4C.MAL_decrypted

Files

pkg_miner.7z
.7z

Password: infected
B9D1CB424E024972BD96EF67E54C5C4C.MAL_decrypted
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ