mod_menu_bo3[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

mod_menu_bo3.zip
Size

610KB
MD5

5d2b94294599c316aef34de387c23a48
SHA1

8921137ae5ad4ddd69e340f9a696680d913864ee
SHA256

1bf6e23d2690fdfc3436e43d65df643ff0ecccfcc96475a058fd865557dfec2b
SHA512

95d538320d7763557c66ec9ca6ebe4bd466d07772a11bccf4082741be276738463fe9625425eb9cfd684446609d5b7af17a1586fb998e4b7f51c67916b4a2f17
SSDEEP

12288:yo6Ar8NO7Os4pAFNJAzJIRRfwKdiGka6oVTuK51qlwUG5kLMBIr3J:ySr8N1s4pAjOzOTwKdiGzTh2z0kLMBIt

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BO3 GSC Injector PC/BO3 GSC Compiler PC.exe
unpack001/BO3 GSC Injector PC/Irony.dll

Files

mod_menu_bo3.zip
.zip
BO3 GSC Injector PC/BO3 GSC Compiler PC.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\coding\Projects\BO3 GSC Compiler\BO3 GSC Compiler PC\obj\x64\Release\BO3 GSC Compiler PC.pdb

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BO3 GSC Injector PC/CompiledScripts/ApparitionZM.gsc
BO3 GSC Injector PC/CompiledScripts/EliteMossyRemakeMP.gsc
BO3 GSC Injector PC/CompiledScripts/EliteMossyRemakeZM.gsc
BO3 GSC Injector PC/CompiledScripts/T7RemakeMP.gsc
BO3 GSC Injector PC/CompiledScripts/VoidZM.gsc
BO3 GSC Injector PC/CompiledScripts/devolutionZM.gsc
BO3 GSC Injector PC/CompiledScripts/icebreakerZM.gsc
BO3 GSC Injector PC/CompiledScripts/psilocybinZM.gsc
BO3 GSC Injector PC/CompiledScripts/purplelakeZM.gsc
BO3 GSC Injector PC/CompiledScripts/snowysv5_ZM.gsc
BO3 GSC Injector PC/Irony.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\user\Desktop\Irony_2013_12_12\Irony\obj\Release\Irony.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BO3 GSC Injector PC/Must READ.txt

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 293KB - Virtual size: 293KB

.rsrc Size: 114KB - Virtual size: 113KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 144KB - Virtual size: 143KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 293KB - Virtual size: 293KB

.rsrc
Size: 114KB - Virtual size: 113KB

.text
Size: 144KB - Virtual size: 143KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B