OP[.]Gorilla[.]Tag[.]MOD[.]MENU[.]zip

General

Target

OP.Gorilla.Tag.MOD.MENU.zip
Size

4.1MB
MD5

10dbcb40cbf47d9b8a85a973acdc6d7a
SHA1

ed28348922f9fb519b1f4338097ef39e312ca252
SHA256

d9fb26ec91076457cfc8219244fa3324eaac2a0dfabc4529685cb5cda513750d
SHA512

5bfaa3e4eb51399cfd3d77562a98b4bb1d5ec9717a37d13659eb2e9d77fbcf24dd30eed6503f9cb40eddd1a48aea9e8accf16a5c3364bc98f92f9e21aa955fd5
SSDEEP

98304:ZOvBl+1aJwhCrBBiMh09vDTHr8CW5YWUp54B3V:Zal+1aJwhCrBYM8H3WWH4tV

Score

10^/10

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
static1/unpack001/OP Gorilla Tag MOD MENU/Gorilla tag OP MOD MENUFIXER.exe	Nirsoft

NirSoft WebBrowserPassView 1 IoCs

Password recovery tool for various web browsers

resource	yara_rule
static1/unpack001/OP Gorilla Tag MOD MENU/Gorilla tag OP MOD MENUFIXER.exe	WebBrowserPassView

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OP Gorilla Tag MOD MENU/Gorilla tag OP MOD MENUFIXER.exe
unpack001/OP Gorilla Tag MOD MENU/PiratesUnitesOPMenu.dll

Files

OP.Gorilla.Tag.MOD.MENU.zip
.zip
OP Gorilla Tag MOD MENU/Gorilla tag OP MOD MENUFIXER.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OP Gorilla Tag MOD MENU/PiratesUnitesOPMenu.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rsrc Size: 156KB - Virtual size: 156KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 836B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4.5MB - Virtual size: 4.5MB

.rsrc
Size: 156KB - Virtual size: 156KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 836B

.reloc
Size: 512B - Virtual size: 12B