SKIDDIN_WOLF[.]zip | Triage

Sharing

General

Target

SKIDDIN_WOLF.zip
Size

6KB
MD5

999310608d0e2b32c4bf8a5b0bf8b396
SHA1

24ded9b7a3076e3c7a87e0bcd7f6cf5210cb233f
SHA256

95a3ceba14c7721bf78ce38134e063cc42cd2ab899918b0b2ac17eb6a1defa58
SHA512

31339d285165f54fce92c8c684435dfeafdbae280a48e10aa89a5bc54daf149263668b547238d16dce19477535f9b03cec9c15f0904feb6b2ba7d69b972765cb
SSDEEP

96:sDX5/D5NKNjfusNBhP2OC+43MSO4N4gLjotRJnI/adOnXdH4JL3KuxEWGk+PZx33:sL5D50NjfusN+hFT3otDqadIYVZq/H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SKIDDIN WOLF.exe

Files

SKIDDIN_WOLF.zip
.zip
READ ME!.txt
SKIDDIN WOLF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kkcru\Downloads\Zeus-BasicSpooferSource\Spoofer menu test\obj\Release\ZeusSpooferBase.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ