celex[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

celex.zip
Size

27KB
MD5

11acd3425fefecd11ab89566dac5719a
SHA1

190163c10a5d7b166b7ec60aafdc30083b28597a
SHA256

b825b6265fbc16cc64317f646642221a26aa3669593ac1460a43f36e2f45efbb
SHA512

6a31278cc4415c87b2d6ca43c6c0e740ad5c3e90ee38499c133ca18c1061318ecde159605f69949e1c6a372c6e636d7cb3d7aaa1d0349e4d49f8429573f6ae0b
SSDEEP

384:Qgolq5Xz+vxZ0xwSIXi+bJY4MlwboDa1Fd49DPd2ryp4d+GC4qncSQi8:QgolSDwKIXi+b5AejdIPdMyp4454qxn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/runtime.dll

Files

celex.zip
.zip
README.txt
runtime.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Tim\Desktop\cracks\celex\celex\x64\Release\celex.pdb

Exports

Exports

?dummy@@YAXXZ

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tim2
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
user.json