MoeinNegar[.]zip

General

Target

MoeinNegar.zip
Size

2.9MB
MD5

4df76973f7bc15391ea8267e6bc43533
SHA1

89cbdd8fc723fad67d2c34ba2081fe9d8a7cc981
SHA256

4a50617766960e8b55a0b434d8fd6c2fc1557a807f05610994abdf3839345ba6
SHA512

a8d8984421feb6df08cb39fc9da475d0e7ed9ae39648ffb7fcb5b7628091e4fd2a79f2bbe442c041ed0a9bba9ffaaa37ccad3eaab62e8487f9e836f2b7ab24b3
SSDEEP

49152:rToVxLr9t67NdQ0Xvo65lQywxbtIKzOezZVJ63xKeUBWXpRoNFz67NApMsQs8n:foVx/9tGrXvo++RbtIKh9Xw9UYXp7Apa

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MoeinNegar/DevComponents.DotNetBar2.dll
unpack001/MoeinNegar/Setup.exe

Files

MoeinNegar.zip
.zip
MoeinNegar/DevComponents.DotNetBar2.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.textxc
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.datax
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MoeinNegar/Setup.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.textxc Size: 5.3MB - Virtual size: 5.3MB

.datax Size: 4KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 86B

.reloc Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 1KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 163KB - Virtual size: 162KB

.reloc Size: 512B - Virtual size: 12B

.textxc
Size: 5.3MB - Virtual size: 5.3MB

.datax
Size: 4KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 86B

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 163KB - Virtual size: 162KB

.reloc
Size: 512B - Virtual size: 12B