af9238caaf8dfe867bbf4bc625485657b4b277e319ba788a5809a3c7ae129d3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af9238caaf8dfe867bbf4bc625485657b4b277e319ba788a5809a3c7ae129d3d
Size

5.0MB
MD5

ef97b0c9e5a8f9a44463c28fd15782ac
SHA1

950fae17b0e77b5b2d8bd4412946d16905b62f18
SHA256

af9238caaf8dfe867bbf4bc625485657b4b277e319ba788a5809a3c7ae129d3d
SHA512

5e7d60488da6bd09acfca681d737dc5db9d4c18abf389ab1f37ac2a87a44375bd8fba5b9abd322c5637ea956c1f430ba17346f777f0152777a09e657f740f459
SSDEEP

98304:ZUQxJzuoiwawPX37djpnyGI2k6Xcx5sj2mTsxheo+/w:KQxJzuodawPHNpn3kqcxk36heo+/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Apt_config/chajet/App_Web_nishizhu.aspx.cdcab7d2.dll

Files

af9238caaf8dfe867bbf4bc625485657b4b277e319ba788a5809a3c7ae129d3d
.zip
Apt_config/.DS_Store
Apt_config/chajet/App_Web_nishizhu.aspx.cdcab7d2.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Apt_config/chajet/nishizhu.aspx.cdcab7d2.compiled
Apt_config/config/tasklist.txt
Apt_config/dnslog/dnslog.txt
Apt_config/dnslog/dnslogconfig.txt
Apt_config/gsl.jsp
.js
Apt_config/shell.asp
Apt_config/shell.aspx
.ps1
Apt_config/shell.jsp
.js
Apt_config/shell.jspx
.js
Apt_config/shell.php
.js
Apt_config/shell.txt
__MACOSX/Apt_config/._shell.jsp
__MACOSX/Apt_config/._shell.php
__MACOSX/Apt_config/._shell.txt
__MACOSX/Apt_config/dnslog/._dnslog.txt
__MACOSX/Apt_config/dnslog/._dnslogconfig.txt
apt.jar
.jar