WindowsFormsApp1[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

WindowsFormsApp1.rar
Size

111KB
MD5

2126b379e2fb2b51ee745dcc213689fb
SHA1

82001673abdd95964ae817bd38dabe35bbcbdc08
SHA256

20ed4ffb3297589313c6eaacb6a035e2771f7f9eb4878cccf8c6cef78dd37748
SHA512

fe65ebded482d5712e19824665f986ed13c79e5b8280bd487a772bb4de9a3463c7f043a48f87a72c6606c834409cd0a3ac0e4208b0a969d6fed44099c2221793
SSDEEP

3072:1eKcLeGei1eji+xcVrX+X+OS0udmytykylykyxcVrAyOxyNOKyZge7AAE/M8M+mp:DkVw41zgT6tX

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WindowsFormsApp1/WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/WindowsFormsApp1/bin/Release/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/WindowsFormsApp1/obj/Debug/Secured/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe
unpack001/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.exe

Files

WindowsFormsApp1.rar
.rar
WindowsFormsApp1.sln
WindowsFormsApp1/.vs/WindowsFormsApp1/FileContentIndex/74cea825-bd37-43d1-8806-cb1e2ea768b1.vsidx
WindowsFormsApp1/.vs/WindowsFormsApp1/FileContentIndex/ac85d6c1-f300-4c8c-8c97-8da5fb860f25.vsidx
WindowsFormsApp1/.vs/WindowsFormsApp1/v17/.suo
WindowsFormsApp1/.vs/WindowsFormsApp1/v17/DocumentLayout.json
WindowsFormsApp1/App.config
WindowsFormsApp1/Program.cs
WindowsFormsApp1/Properties/AssemblyInfo.cs
WindowsFormsApp1/Properties/Resources.Designer.cs
.vbs
WindowsFormsApp1/Properties/Resources.resx
.vbs
WindowsFormsApp1/Properties/Settings.Designer.cs
WindowsFormsApp1/Properties/Settings.settings
WindowsFormsApp1/Spoofer.Designer.cs
WindowsFormsApp1/Spoofer.cs
WindowsFormsApp1/Spoofer.resx
.vbs
WindowsFormsApp1/WindowsFormsApp1.csproj
WindowsFormsApp1/WindowsFormsApp1.sln
WindowsFormsApp1/WindowsFormsApp1/App.config
WindowsFormsApp1/WindowsFormsApp1/Form1.Designer.cs
WindowsFormsApp1/WindowsFormsApp1/Form1.cs
WindowsFormsApp1/WindowsFormsApp1/Form1.resx
.vbs
WindowsFormsApp1/WindowsFormsApp1/Program.cs
WindowsFormsApp1/WindowsFormsApp1/Properties/AssemblyInfo.cs
WindowsFormsApp1/WindowsFormsApp1/Properties/Resources.Designer.cs
.vbs
WindowsFormsApp1/WindowsFormsApp1/Properties/Resources.resx
.vbs
WindowsFormsApp1/WindowsFormsApp1/Properties/Settings.Designer.cs
WindowsFormsApp1/WindowsFormsApp1/Properties/Settings.settings
WindowsFormsApp1/WindowsFormsApp1/WindowsFormsApp1.csproj
WindowsFormsApp1/WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\vxxud\Downloads\WindowsFormsApp1\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe.config
WindowsFormsApp1/WindowsFormsApp1/bin/Debug/WindowsFormsApp1.pdb
WindowsFormsApp1/WindowsFormsApp1/bin/Release/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\vxxud\Downloads\WindowsFormsApp1\WindowsFormsApp1\obj\Release\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/WindowsFormsApp1/bin/Release/WindowsFormsApp1.exe.config
WindowsFormsApp1/WindowsFormsApp1/bin/Release/WindowsFormsApp1.pdb
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/DesignTimeResolveAssemblyReferences.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/ParticleSystem.Form1.resources
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/Secured/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.Properties.Resources.resources
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.AssemblyReference.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.CoreCompileInputs.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.FileListAbsolute.txt
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.GenerateResource.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\vxxud\Downloads\WindowsFormsApp1\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/WindowsFormsApp1/obj/Debug/WindowsFormsApp1.pdb
WindowsFormsApp1/WindowsFormsApp1/obj/Release/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
WindowsFormsApp1/WindowsFormsApp1/obj/Release/ParticleSystem.Form1.resources
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.Properties.Resources.resources
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.csproj.AssemblyReference.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.csproj.CoreCompileInputs.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.csproj.FileListAbsolute.txt
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.csproj.GenerateResource.cache
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\vxxud\Downloads\WindowsFormsApp1\WindowsFormsApp1\obj\Release\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/WindowsFormsApp1/obj/Release/WindowsFormsApp1.pdb
WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\caido\Desktop\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/bin/Debug/WindowsFormsApp1.exe.config
WindowsFormsApp1/bin/Debug/WindowsFormsApp1.pdb
WindowsFormsApp1/obj/Debug/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
WindowsFormsApp1/obj/Debug/DesignTimeResolveAssemblyReferences.cache
WindowsFormsApp1/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
WindowsFormsApp1/obj/Debug/ParticleSystem.Form1.resources
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.Properties.Resources.resources
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.AssemblyReference.cache
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.CoreCompileInputs.cache
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.FileListAbsolute.txt
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.csproj.GenerateResource.cache
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\caido\Desktop\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsFormsApp1/obj/Debug/WindowsFormsApp1.pdb

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B