Activat3r[.]zip | Triage

Resubmissions

12-03-2024 13:24

240312-qncwbsbh39 7

12-03-2024 13:18

240312-qj1ftsbg55 5

Sharing

General

Target

Activat3r.zip
Size

15.8MB
MD5

b7b9b22fed61cc89a2679a1d408efdc8
SHA1

f894fe00e7db0fcebf38a601fcb0b7bc7370c473
SHA256

49d068f4495ca2752a73a4ee43ab3de03f4a679aa5d7995671e0ea29c662da90
SHA512

2dde4fd534fe46592d40f8c168c05a3a97cc1e679417c9ae8990630b4f33ebd9ba64e01a5681fe4aae752f9549b87853621651c626d4fc9b929c9db58101d198
SSDEEP

393216:Dz4ymas72rp7NsOS/lKZDhJPhbeI4Dlt4pJNh:f4yhs72r0OSdKhhJP8vlt45h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Activat3r.exe

Files

Activat3r.zip
.zip
Activat3r.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.SMe
Size: - Virtual size: 12.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.H]g
Size: 15.9MB - Virtual size: 15.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ