selection[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

selection.rar
Size

4.1MB
MD5

b3efc6b2f27fe5edfed8544fea2a4166
SHA1

15bfe8c34f0a06839136f8651e79a7cb609c7382
SHA256

4563fdf3b4a48c9f4c6f8aa68c71aa210ecaf5b269142964ef6660eae89ce6b6
SHA512

29ece0fe0b7f2a83424e919a09b81e2ee8503dcdd5732edc3b389a4749055e9bb0e168140a7063d3df989285d1d4fc9d18b853d83e20ca9d2b4e3a4d0537075b
SSDEEP

98304:V/5LEqnWg7BFQujKgNVlpCKMmqnW9qnWo:Jqp+FJn3CKMmp9po

Score

7^/10

Malware Config

Signatures

.NET Reactor proctector 8 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
static1/unpack001/11062028.exe.vir	net_reactor
static1/unpack001/11072150.exe.vir	net_reactor
static1/unpack001/11101102.exe.vir	net_reactor
static1/unpack001/11122041.exe.vir	net_reactor
static1/unpack001/11122050.exe.vir	net_reactor
static1/unpack001/11132209-3.exe.vir	net_reactor
static1/unpack001/imToDesk104_134.exe.vir	net_reactor
static1/unpack001/img20231104_134.exe.vir	net_reactor

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/11062028.exe.vir
unpack001/11072150.exe.vir
unpack001/11101102.exe.vir
unpack001/11122041.exe.vir
unpack001/11122050.exe.vir
unpack001/11131029.exe.vir
unpack001/11132204-5.exe.vir
unpack001/11132209-3.exe.vir
unpack001/imToDesk104_134.exe.vir
unpack001/img20231104_134.exe.vir

Files

selection.rar
.rar
11062028.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11072150.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11101102.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 563KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11122041.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11122050.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11131029.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11132204-5.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11132209-3.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
imToDesk104_134.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
img20231104_134.exe.vir
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 2KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 578KB - Virtual size: 577KB

.rsrc Size: 2KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 563KB - Virtual size: 563KB

.rsrc Size: 68KB - Virtual size: 68KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 440KB - Virtual size: 440KB

.rsrc Size: 68KB - Virtual size: 68KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 439KB - Virtual size: 438KB

.rsrc Size: 68KB - Virtual size: 67KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 503KB - Virtual size: 503KB

.rsrc Size: 68KB - Virtual size: 68KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 431KB - Virtual size: 430KB

.rsrc Size: 12KB - Virtual size: 12KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 448KB - Virtual size: 447KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 578KB - Virtual size: 577KB

.rsrc Size: 2KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 578KB - Virtual size: 577KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 578KB - Virtual size: 577KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 563KB - Virtual size: 563KB

.rsrc
Size: 68KB - Virtual size: 68KB

.text
Size: 440KB - Virtual size: 440KB

.rsrc
Size: 68KB - Virtual size: 68KB

.text
Size: 439KB - Virtual size: 438KB

.rsrc
Size: 68KB - Virtual size: 67KB

.text
Size: 503KB - Virtual size: 503KB

.rsrc
Size: 68KB - Virtual size: 68KB

.text
Size: 431KB - Virtual size: 430KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 448KB - Virtual size: 447KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 578KB - Virtual size: 577KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 578KB - Virtual size: 577KB

.rsrc
Size: 2KB - Virtual size: 1KB