stealmenuv2[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

stealmenuv2.rar
Size

44KB
MD5

93b7814b0b0f1bc08d8305d08d8e4c58
SHA1

5581cab0d64ed2f6e73aa150972dd351d3cf670c
SHA256

c3581c7deee7e022eb6986de9f7ba10046118161363396082abefc492f24f000
SHA512

e9832f681a8d70fcdf5c089487ddeb3ef5fdcd25664e0181dd1dfb3e98dfbff2ba928c4c742b4b7ac2f20e36763a1b7b78660d496993e007ba45d19c7d267b44
SSDEEP

768:+/3nXjtm0SwMU7oTSXo3cZpNbdvkbXWnJTCRgkT7vgTWta7d3P9eS3aYo6gfG:S3XjQ0SwMU7XCcp1+WnJT3K7lax31xS+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/StealMenuV2/Stealmenuloader.dll

Files

stealmenuv2.rar
.rar
StealMenuV2/Stealmenuloader.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ