v3[.]iso | Triage

Sharing

Copy URL Twitter E-mail

General

Target

v3.iso
Size

36.0MB
MD5

c8e42d481a7be36ac4c17bf663e1604d
SHA1

5af20a52a775397667f4d82adbfb485c3b9b3e2a
SHA256

ab2203a423dbd9d67beaaf83a853595bdd85f269042ca321bac4793ab4094c26
SHA512

62061ee9a655259114db0ad944dc2f25e0983da7b436517b0ab322e0cc826ca899a8bdd4ad8ad1ae70be86a5eaa74831e14b52bda2bb37608852e97f74ec319d
SSDEEP

786432:6KCFH/Z0kpaSek5cWX+PB7fuRQ6dqSz4/CFNVXc2kkwnX67mnb3EXK:6KCRcTPcRQAqSz1bVhBmAmnAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack004/Scorpion virus 3.1/AxInterop.WMPLib.dll
unpack004/Scorpion virus 3.1/Interop.WMPLib.dll
unpack004/Scorpion virus 3.1/Scorpion Virus 3.exe

Files

v3.iso
.iso

Password: infected
out.iso
.iso

Password: infected
Scorpion virus 3.1.rar
.rar .zip polyglot

Password: infected
Scorpion virus 3.1.zip
.zip

Password: infected
Scorpion virus 3.1/AxInterop.WMPLib.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scorpion virus 3.1/Interop.WMPLib.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scorpion virus 3.1/Read me.txt
Scorpion virus 3.1/Scorpion Virus 3.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Ibrahim\Documents\Visual Studio 2012\Projects\Scorpion Virus 3\Scorpion Virus 3\obj\Debug\Scorpion Virus 3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36.3MB - Virtual size: 36.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

Password: infected

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 50KB - Virtual size: 50KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 12B

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 321KB - Virtual size: 320KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 12B

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 36.3MB - Virtual size: 36.3MB

.sdata Size: 512B - Virtual size: 312B

.rsrc Size: 183KB - Virtual size: 183KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 50KB - Virtual size: 50KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 36.3MB - Virtual size: 36.3MB

.sdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 183KB - Virtual size: 183KB

.reloc
Size: 512B - Virtual size: 12B