memesense[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

memesense.rar
Size

1.8MB
MD5

0cda5d5d75295f8a2fcf7b909d246075
SHA1

80bbf5671d1524907dd6d1c115aefc985a35fb99
SHA256

0907c1a0119bb3c8324b83d201b1254a699127a9c30d22380081390f3f99762e
SHA512

612f5567fec3b20417593a287e5d9c0d04f117473d687f91cf9b89625ff27a16b13e099bbce778471a56b60c67e93c544c3f7b6a055ed39628c0384f32ab1044
SSDEEP

49152:zLc+4sc7253qpjOskI5W0Y5AC/BSXjlTrYv6g1LVVR5:zLfTIpKskI5XzCZSXjZM/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Extreme Injector v3.exe
unpack001/memesense.dll

Files

memesense.rar
.rar
Extreme Injector v3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MemeSense/fonts/esp-icons.ttf
MemeSense/fonts/gui-icons.ttf
MemeSense/fonts/pixel7.ttf
MemeSense/fonts/verdana.ttf
MemeSense/images/avatar.jpg
.jpg
MemeSense/localizations/cs2-english.bin
MemeSense/localizations/cs2-schinese.bin
memesense.dll
.dll windows:6 windows x64 arch:x64

2b0b2f8c933f7db53bfb64cb619b398f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
CreateThread
GetThreadContext
SetThreadContext
ResumeThread
CloseHandle
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
InitializeSListHead
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RtlCaptureContext
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

MessageBoxA

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__std_exception_copy
_CxxThrowException
memset
__std_exception_destroy
__current_exception
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
terminate
_cexit
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initterm
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 12B

2b0b2f8c933f7db53bfb64cb619b398f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1.0MB - Virtual size: 1.0MB

.pdata Size: 1024B - Virtual size: 804B

Size: 107KB - Virtual size: 107KB

.reloc Size: 512B - Virtual size: 96B

.rsrc Size: 512B - Virtual size: 233B

.text
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.pdata
Size: 1024B - Virtual size: 804B

.reloc
Size: 512B - Virtual size: 96B

.rsrc
Size: 512B - Virtual size: 233B