AnDDoS[.]rar | Triage

Sharing

General

Target

AnDDoS.rar
Size

196KB
MD5

f176441dba1e58838d8f17937ac566cc
SHA1

cf9b120cd9862d9a7fdcc4bdfb2aa7a162b7dc6a
SHA256

38dc2e5173b5ec4290ece9d7654cf1a4e5c4f9c6b8022b73eee3eeb64ec5d9aa
SHA512

fb6380eacb04f75b11b0ad78851bdea46fed1a5b2769550c5b5012a47994a72c66ae475b26ef95b4f83b925bae7aeafa1dea9356735b7bb9c6a6eba6016ddab2
SSDEEP

6144:93LLtiGJ+Dh+0z6rMcC/8GekPZbNVuOEHFAf:93tiGJqY02rfPGek5a3Cf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AnDDoS/AnDDoS.exe

Files

AnDDoS.rar
.rar
AnDDoS/AnDDoS.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ