Release[.]zip | Triage

Resubmissions

21/02/2024, 01:37

240221-b1zhjahb9w 8

21/02/2024, 01:33

240221-by2vwahf67 3

Sharing

Copy URL Twitter E-mail

General

Target

Release.zip
Size

80KB
MD5

931c755ce0d6170a829ea26548cc01fa
SHA1

8768a8903fc5622c8eb1afc737f7e25940f01747
SHA256

dbd24dc2699426f74432dfadca6498d0493aaeb2acc54995dd1558983230ad80
SHA512

4a5aa3b97b566f58301ba3ee5896d27a247544da82b0a9de2660b56ebc5b5ae96b8a53ea3e9ae360a8cd62996b76317ce3cb79a7381e01d5449645d2e7550530
SSDEEP

1536:etzbxBifI66OqPQysJWwBIbFUNoP1JWDVlnYtF0SA0uoA:eN2w6WEJWwBcCNonYs0V8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Release/Arma 3 Lag Switch.exe
unpack001/Release/Interop.NetFwTypeLib.dll
unpack001/Release/WindowsFirewallHelper.dll

Files

Release.zip
.zip
Release/Arma 3 Lag Switch.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\lifeh\source\repos\ConsoleApp2\ConsoleApp2\obj\Release\Arma 3 Lag Switch.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/Arma 3 Lag Switch.exe.config
Release/Arma 3 Lag Switch.pdb
Release/How to use.txt
Release/Interop.NetFwTypeLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/WindowsFirewallHelper.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Personal\Open-Source Projects\WindowsFirewallHelper-master\WindowsFirewallHelper\obj\Release\WindowsFirewallHelper.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/WindowsFirewallHelper.xml
.xml

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 3KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 49KB - Virtual size: 49KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B