Galactic_Update_v1[.]3[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Galactic_Update_v1.3.rar
Size

13.2MB
MD5

c8a9a63a9436bb658338154a6261de79
SHA1

5f481535bd51f90be11db610240c0dfa38903cb3
SHA256

33c5ab4d10a9b9585399770f0e79eb56b6ed6b0185187df62faaf6f5035d2069
SHA512

03f6646fbd8978381c94d3a44497e9981c8c94ea5572ad66280e02e38316bccc3070889f46323e3ac6099566acaf85a6eadb6d682785eb26deb4ee5e9b998edb
SSDEEP

393216:VZX8gHX9/RzehS6DCZIUOQd2h16cUTK8bFYeRkvcw:VZX8gHN9HfIUwyccYeKvcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Galactic Update v1.3/Galactic Raider.exe

Files

Galactic_Update_v1.3.rar
.rar
Galactic Update v1.3/Galactic Raider.exe
.exe windows:4 windows x86 arch:x86

a9c887a4f18a3fede2cc29ceea138ed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

malloc
memset
strcmp
strcpy
getenv
sprintf
fopen
fwrite
fclose
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

shell32

ShellExecuteA

kernel32

SetUnhandledExceptionFilter

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13.2MB - Virtual size: 13.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Galactic Update v1.3/config.yml