XLag[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

XLag.zip
Size

30KB
MD5

5f94f93944692e45761526a5020b9b67
SHA1

8fc2b2759fa952151569689e36f0523119203258
SHA256

93476d8ab9942d1d4dc8e07ec888dcdfe20f0384f7a724340c1e948c9f48a978
SHA512

83927cc81e4c3880e7d5992914248b3d22962899f7ef250108737f468cd054b2d3841058c043521d25b6b5b5f9ae03abb6c87162f0487165292e0d479f045bc6
SSDEEP

768:6sCnAedDXC/gKqUWIUIrU9dqBOewbo+NduI3dKu8cz:hCnv2/hqvtICdja+X5dJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XLag/Xlag 2.0.exe

Files

XLag.zip
.zip
GTA V Content.url
.url
XLag/Xlag 2.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ