plugins[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

plugins.rar
Size

3.2MB
MD5

56a3f317d05149fe67c3658f66ba52fb
SHA1

d72f78d99b304a1bb67e194399e5524032b31111
SHA256

4e6331ba58d48a8a7e1fb0946b155363f22a190a6d9ab777bcb7f66bb26bb4fd
SHA512

f6cb0b5abe9070e48c7a7c04fe154b08c9494ddb4ef15aca0c0276909ae8d682b722c2ff37b9ec00b0e8ccb70dca01badf502cbed9dbeeab3df858b341175e0a
SSDEEP

98304:md2Jj9lUtR6n2lQGdGnRQ/ubRKenaB12/:NJ3UtR5l/sXRmI

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sinai-dev-UnityExplorer-4.8.2/UnityExplorer.BIE5.Mono.dll
unpack001/sinai-dev-UnityExplorer-4.8.2/UniverseLib.Mono.dll

Files

plugins.rar
.rar

Password: infectedmaybe
sinai-dev-UnityExplorer-4.8.2/UnityExplorer.BIE5.Mono.dll
.dll windows:4 windows x86 arch:x86

Password: infectedmaybe

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sinai-dev-UnityExplorer-4.8.2/UniverseLib.Mono.dll
.dll windows:4 windows x86 arch:x86

Password: infectedmaybe

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-21 215120Z.txt
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-23 153413Z.txt
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-23 215351Z.txt
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-23 222016Z.txt
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-23 222127Z.txt
sinai-dev-UnityExplorer/Logs/UnityExplorer 2024-02-24 145935Z.txt
sinai-dev-UnityExplorer/data.cfg

Sharing

General

Malware Config

Signatures

Files

Password: infectedmaybe

Password: infectedmaybe

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 1024B - Virtual size: 924B

.reloc Size: 512B - Virtual size: 12B

Password: infectedmaybe

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 1024B - Virtual size: 924B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 512B - Virtual size: 12B