Aphrobyte[.]v1[.]9[.]2[.]zip | Triage

Sharing

General

Target

Aphrobyte.v1.9.2.zip
Size

81KB
MD5

f4a664258aba355a8b1392024c7c5887
SHA1

878f01f24f60de8344764b534aff4ef1fab0c6ec
SHA256

69947ec68e159519a397a09724677d08814de5164f242d17a8cd7cd6adbb4345
SHA512

dfe29454c2da55c8f139566cd1120f6a3896eea7eeebd672da6ba1b8dc4ae19bcd75113845d3a3bf6501918a06a0bf125be483d357cbcf840b36b6d6442a2ae2
SSDEEP

1536:756WKiMhmAKxH1C85HWYqo2qqZLtM1odUhbp+F79A8ON:V6LiM4f1b5dhqRYxMFJIN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Aphrobyte v1.9.2/Aphrobyte v1.9.2/Aphrobyte.Builder.exe

Files

Aphrobyte.v1.9.2.zip
.zip
Aphrobyte v1.9.2/Aphrobyte v1.9.2/.buildmodules/exeic.ico
Aphrobyte v1.9.2/Aphrobyte v1.9.2/.buildmodules/requirements.txt
Aphrobyte v1.9.2/Aphrobyte v1.9.2/.buildmodules/sample.py
.py .ps1
Aphrobyte v1.9.2/Aphrobyte v1.9.2/Aphrobyte.Builder.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\RIOT\source\repos\aphrobyte-discord-rat\obj\Release\aphrobyte-discord-rat.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aphrobyte v1.9.2/Aphrobyte v1.9.2/README.md