GOI_DurfMod_1[.]59_APR2019[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GOI_DurfMod_1.59_APR2019.zip
Size

385KB
MD5

bf717fc65d918c489c1e10bae37e8db2
SHA1

dff1b5b5213306f526076dfb6c6f0661d6a522b8
SHA256

6d2a0db410c41ab494e31be20e4484141bee6066529d2839eab435f6691a5327
SHA512

56eaf373adf895b8e62d6c8978164c533a5beab4e13289256bdae08cf7fceb5f7fab8ca2dfa92427f84526709a87c3eba1dd20158d04344940d2a53c6b80f4e1
SSDEEP

6144:G8IsJE9Ev/xD8n6Y7/7nPrchTBLxvT5cb5g0pJ6KqJozf2/Esil+xf4txf+Y:BIsJZv/V86YX4hT3vGb5r71qKzH+h4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Managed/Assembly-CSharp.dll

Files

GOI_DurfMod_1.59_APR2019.zip
.zip
Managed/Assembly-CSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
instructions.txt