3b03c77486042fcd7577e69579c344a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b03c77486042fcd7577e69579c344a1
Size

91KB
MD5

3b03c77486042fcd7577e69579c344a1
SHA1

d472c93a6ecbc7ecf6da619452ce3d1660c00731
SHA256

dd8f99c0dd96c9add81f12e4166b97847732a8878d377a0d1f796b36c977d13e
SHA512

5a3b6c63ac5c3668cce0d73aaab0a912abb7c44abd592e4e4aeb96d6022715650d8f14a69b6b20a9181d32651c121b229eafab8e51c19ac89f923764fad26688
SSDEEP

1536:XyyRZ+0QFecH4O/crSIkEw8b8umfjOJm63auf+NSR0b5Mp5b:rRk0MHl/crdb83Ym63nmNo0iV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/launcher/launcher-overland.exe

Files

3b03c77486042fcd7577e69579c344a1
.rar
launcher/launcher-overland.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
launcher/readme.txt