goldloader[.]zip

Resubmissions

13-03-2024 21:07

240313-zymyqaba63 7

Sharing

Copy URL

Twitter E-mail

General

Target

goldloader.zip
Size

10.3MB
MD5

c77518c8eeb10f16fddecdb1eb33d148
SHA1

f1f76b0296ad5d263b151268417b14cb9795f026
SHA256

e514a159cf0de20234029b5ab2607bce6bb770ac84552ca0c1bdf19fb47d5678
SHA512

edfd8de40c8fc2740114a3b22a30d44d8e0c057ffc078036dd61aef5c7e5a900eda770f3d4e565583b95b0e249b63483bf7f88a68717e6eed169444008f6a07e
SSDEEP

196608:iwqJne5+grCoV3IQTDE/6W//SDU/b8VOlzUFJSBQ7HR5EBCd:JrCoeQTDHWHSD+7laJSaHoBCd

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/goldloader/goldloader/APIFOR.DLL
unpack001/goldloader/goldloader/ReaLTaiizor.dll

Files

goldloader.zip
.zip
goldloader/goldloader/APIFOR.DLL
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
goldloader/goldloader/LICENSE
goldloader/goldloader/README.md
goldloader/goldloader/ReaLTaiizor.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\MyProject\ReaLTaiizor\Lib\ReaLTaiizor\src\ReaLTaiizor\obj\Release\net48\ReaLTaiizor.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
goldloader/goldloader/goldloader.bat
.bat .vbs
goldloader/goldloader/set.Config
.xml

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 11KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5.7MB - Virtual size: 5.7MB

.rsrc Size: 99KB - Virtual size: 99KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5.7MB - Virtual size: 5.7MB

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 512B - Virtual size: 12B