DreamyThugShaker's Crib[.]zip | Triage

Sharing

General

Target

DreamyThugShaker's Crib.zip
Size

355.5MB
MD5

f99de7ad7226979b457cb545a7fdb316
SHA1

0d7a713b0806818ebfe9c3c6fe14267bef2963ff
SHA256

9f61dd9ab0994d3dce0c8af1f60dedd9298ee29b5f61c6f6985ab0526b711095
SHA512

5e121849138ba5c47a4d5d255a432014f74a0f5b536d9d6c8291f33ea36626bb5a530460593998040cba69b6314afb1b5a8f30098e05e36528c1e7b5b2bb8bc8
SSDEEP

6291456:xITvRapDotsZp7/19d5TNa0qUe3TI2iige6RGQGyE7CeqtP0PvUOGmQ9Lll0Wlpd:xINaZotwzfTEUeD6RGQaq+nUrlFfJlpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DreamyThugShaker's Crib.exe

Files

DreamyThugShaker's Crib.zip
.zip
DreamyThugShaker's Crib.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ