xuid scraping[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

xuid scraping.rar
Size

497KB
MD5

ed7a51ba20b5d05c802b3b856528064e
SHA1

64b69164317337de1fa57c8b364ad5d69c7181ac
SHA256

8614f10c9f419cd324187aeeebbfa818418fbb1b0919d112c5a12e435bf8f478
SHA512

702d4c5f39522aa6457dfd3386b567687de9e4a9fea93c20e0cde4511216aead1c5349f075f5979b9b045db4b4fcc07198b6846ba9bc343eb65096974a7e466a
SSDEEP

12288:teKwjkVFhLL8Y//tXPKIeKwjkVFZM+VElT:tbkmPnntZbkSMXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xuid scraping/xuid scraping.exe

Files

xuid scraping.rar
.rar
xuid scraping/app.publish/xuid scraping.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

4c:89:1a:0a:f6:a9:7d:a8:48:1d:13:10:43:a1:b1:c7
Certificate

Issuer

CN=DESKTOP-4GKJ4O6\\a

Not Before

09/03/2024, 20:35

Not After

10/03/2025, 02:35

Subject

CN=DESKTOP-4GKJ4O6\\a

15:6a:5d:1f:9b:9a:b1:78:32:d9:5f:31:cd:a8:bd:ff:24:86:f1:6d:2a:d3:52:59:2a:3a:1c:03:d6:a4:dc:c3
Signer

Actual PE Digest

15:6a:5d:1f:9b:9a:b1:78:32:d9:5f:31:cd:a8:bd:ff:24:86:f1:6d:2a:d3:52:59:2a:3a:1c:03:d6:a4:dc:c3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\a\source\repos\xuid for\xuid for\obj\Debug\xuid for.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xuid scraping/xuid for.exe.config
xuid scraping/xuid for.exe.manifest
xuid scraping/xuid for.pdb
xuid scraping/xuid scraping.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\a\source\repos\xuid for\xuid for\obj\Debug\xuid for.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

4c:89:1a:0a:f6:a9:7d:a8:48:1d:13:10:43:a1:b1:c7Certificate

15:6a:5d:1f:9b:9a:b1:78:32:d9:5f:31:cd:a8:bd:ff:24:86:f1:6d:2a:d3:52:59:2a:3a:1c:03:d6:a4:dc:c3Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 474KB - Virtual size: 473KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 474KB - Virtual size: 473KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

4c:89:1a:0a:f6:a9:7d:a8:48:1d:13:10:43:a1:b1:c7
Certificate

15:6a:5d:1f:9b:9a:b1:78:32:d9:5f:31:cd:a8:bd:ff:24:86:f1:6d:2a:d3:52:59:2a:3a:1c:03:d6:a4:dc:c3
Signer

.text
Size: 474KB - Virtual size: 473KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 474KB - Virtual size: 473KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B