blackcatII[.]7z

Sharing

Target

blackcatII.7z
Size

357KB
MD5

46a6c6ec8902a56eaebd9d89aa6ec2b0
SHA1

9cb4794818d623bb53dd7dc3b280cbb3d37bf925
SHA256

ff7d1ed8fc25861884efd48d14db0b69338d8862a26a14a1b8be87392d8f9213
SHA512

9ffbb1cf5a54f15d2f171646176e0fc89bca2a448dd9d0b57f2861a3599e8b112da4d8bd7e55944c59503c2e561a075212042e380340e11641fe74dd0957d6ac
SSDEEP

6144:va/MZtsp5U+1LJ45chQWYsNnL68VWa8/EP3njLoURW4LOdFkSQQwFDOKwr:C/MZtq5U+1t45cqWv5VWa8/EvjXW9dFh

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/challenge/Decryptor.exe

blackcatII.7z
.7z

Password: infected
challenge/Decryptor.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
challenge/victim-files/A_Sunday_Afternoon_on_the_Island_of_La_Grande_Jatte_by_Georges_Seurat_5773ff06-a03e-401b-8914-6106bc277bfd_large.jpg.encry
challenge/victim-files/Cafe_Terrace_at_Night_by_Vincent_van_Gogh_large.jpg.encry
challenge/victim-files/Guernica_by_Pablo_Picasso_large.jpg.encry
challenge/victim-files/Impression_Sunrise_by_Claude_Monet_large.jpg.encry
challenge/victim-files/Wanderer_above_the_Sea_of_Fog_by_Caspar_David_Friedrich_large.jpg.encry
challenge/victim-files/flag.txt.encry