cm_hack[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cm_hack.zip
Size

1.6MB
MD5

1712196f0182cf3c7b325a43912ff0cd
SHA1

5acd4022361dd86dd41916991132e8cc0a27da8c
SHA256

d9d6a394eb33d752f376cf532bca2dc2872bf1f8105b2daa2372b904c1a090fa
SHA512

87a8038704feb4e5c7b5954a15e1b6133669c91117ce117fbbf277f11aeaa677a7f5fcbb4a07038036dfbf6033df366c4a80a479dc41d4900889c9daa2231a87
SSDEEP

49152:iB36ZDC9o2vadFUnYhPIy0kRHtxDobPu0wwElj2:m6ZG9PvHkg/kBDobPxfij2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cm_hack/hack_by_cosmo11.exe

Files

cm_hack.zip
.zip

Password: cosmo12
cm_hack/hack_by_cosmo11.exe
.exe windows:6 windows x64 arch:x64

Password: cosmo12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

"wR
Size: - Virtual size: 4.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b#b bb
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�b%b�;
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cm_hack/imgui.ini
cm_hack/password.txt
cm_hack/readme.txt