04-05-2024_C5osgnlkn6miFIe[.]rar | Triage

Sharing

General

Target

04-05-2024_C5osgnlkn6miFIe.rar
Size

1.9MB
MD5

90204fa41a3138683eda3b0ed8753601
SHA1

f0029432a97e0cf78626df5ff250dc606415dd82
SHA256

287a9281694d1368e9971368b01a910e5e498e93a48380773f71adc3b8a955c6
SHA512

69745a82355e64c4b366b07287ce94ea3efc0babde21046ade49c4c7224677a7b5666990c8c8d4a631bb17554597df1d79ef6036a8848a5b18f974a3c20ec6cd
SSDEEP

49152:6Pn8Q5QGrQpgx4n/D2+Mx05OLufEmOsmDl+ZpQtrJ21Jr5lQ:VQ/spgx4/a+vOLufEIStrJ2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pallalax.exe

Files

04-05-2024_C5osgnlkn6miFIe.rar
.rar

Password: 123
Pallalax.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ