3losh tool Control[.]rar

General

Target

3losh tool Control.rar
Size

17.7MB
MD5

228802200d3c530940f6b8a2952246ad
SHA1

c3daa6b06e2ec0db6b3c649ccee395d1addb6601
SHA256

d43f05e6dd327eb6bbc5eb7716c564b8802f7f04c42bd565db03019515ab4fdf
SHA512

81d928c3d30052baacc9d6c46dce270d5e517c6252c1124679e6a266d6840a3e563a39e04b6c4d1a4f8646768dcedc59a217244cec82fb91446d6c090b6ca22e
SSDEEP

393216:L5UFStJ28Tw98N3hYAn63z5wew8ROquwRk2QsQAlG0s/V6jRxwew:LMSS8TPxi5wew0OquwS2CAo/sw

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3losh tool Control.exe
unpack001/3losh tool MSBuild.exe

Files

3losh tool Control.rar
.rar

Password: 3losh
3losh tool Control.exe
.exe windows x86

Password: 3losh

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3losh tool MSBuild.exe
.exe windows x86

Password: 3losh

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 3losh

Password: 3losh

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8.9MB - Virtual size: 8.9MB

.rsrc Size: 266KB - Virtual size: 265KB

.reloc Size: 512B - Virtual size: 12B

Password: 3losh

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8.9MB - Virtual size: 8.9MB

.rsrc Size: 266KB - Virtual size: 265KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 8.9MB - Virtual size: 8.9MB

.rsrc
Size: 266KB - Virtual size: 265KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8.9MB - Virtual size: 8.9MB

.rsrc
Size: 266KB - Virtual size: 265KB

.reloc
Size: 512B - Virtual size: 12B