Nerd Invader iPad 2 Complete Bypass Pkg[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Nerd Invader iPad 2 Complete Bypass Pkg.rar
Size

234.6MB
MD5

d552325da77bf71d661c3f2f9739ac49
SHA1

860627cc3a0004913ac49f41b528f9f01b5f69f3
SHA256

eec0a598f0002b20ea75440193e7f510c73d4b2e2fca5a4ea0e6abfdf208e527
SHA512

6992b4bb599f779d394c3d2625be46c111051f01c7b671e1e00ff3b7c29600088238bb3b90c8d09b3506f61f1c7c5488378ad510ddfa11d06d17af0352b2477f
SSDEEP

6291456:xgObY87/DuIHwdRonSF49YPx5TnGhITthyw:xK8+IQDwSF498YIft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/iRemove Tools 1.2.8.exe

Files

Nerd Invader iPad 2 Complete Bypass Pkg.rar
.rar

Password: 112233
PASSWORD.txt
iRemove Tools 1.2.8.rar
.rar

Password: 112233
Must Read.txt
iRemove Tools 1.2.8.exe
.exe windows:4 windows x86

Password: 112233

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 241.7MB - Virtual size: 241.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ