NBTExplorer-2[.]6[.]0[.]zip

General

Target

NBTExplorer-2.6.0.zip
Size

269KB
MD5

724b7a9158f263385f9e23882d3fad97
SHA1

a405aabfd23c9e40f1cd87a494940a4e36c1dd40
SHA256

a63cea8270c273a33fba106f456d8edaa59dc534ac63dfae000bcdd5bc8b1c3d
SHA512

9e2adc2b9a01658eb20061ef1952b1fdede9191dad33ce8eb5bb1e0f4f047faf89628848bfd8fde901eb810f2b07fe674de091ff49e62a314fc6e6e123e1adc6
SSDEEP

6144:gmHyAikSint8ZuuLYENh+Vzo5RpekgkN5i2v151s26:CbA0uSYV05R0kgaA0Vs26

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBTExplorer.exe
unpack001/Substrate.dll

Files

NBTExplorer-2.6.0.zip
.zip
NBTExplorer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Workspace\Managed\NBTExplorer\obj\Release\NBTExplorer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NBTExplorer.exe.config
.xml
Substrate.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Workspace\Managed\Substrate\SubstrateCS\obj\Release\Substrate.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 348KB - Virtual size: 347KB

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 339KB - Virtual size: 339KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 348KB - Virtual size: 347KB

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 339KB - Virtual size: 339KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 12B