NHA_3[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NHA_3.zip
Size

4.2MB
MD5

5ff1f18071b870bb5b585427e49feacd
SHA1

b543dd1d1b3ef80aa294096cab7f8398a15b8d5b
SHA256

6dda661c893a091c23f0a996cc0c447c850cfd920fd416d0c12d4b8d63628a41
SHA512

a3d78b84066fec0d731753b3e8abe82c70c7cb6f8a29701daed5c661ef9f213e36f635615af0f20fef42909868eca91c19bcbc47d25d6d764acb25cd66e9ff5d
SSDEEP

98304:0DyhewWJ9+jyQ1xlGzEPl2tyXqjP/SOTZq7dG09tLskB:0DyhefJoyQ1nGzoAYXqD/S93TskB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NHA_3/OnlyFagsTool.exe

Files

NHA_3.zip
.zip
NHA_3/OnlyFagsTool.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

'/}wkc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route251.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route251_TURBO.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3333.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3333_TURBO.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3334.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3334_TURBO.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3335.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3335_TURBO.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3336.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route3336_TURBO.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route5555.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route9023.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route9024.nha
NHA_3/Recordings/ForzaHorizon5/TrackRoutes/route9801.nha
NHA_3/Recordings/MapleValley_00
NHA_3/Recordings/OakHill_01
NHA_3/Recordings/ProtoCircuit01_00
NHA_3/SerialChecker.bat

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

'/}wkc Size: 1.7MB - Virtual size: 1.7MB

.text Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 65KB - Virtual size: 65KB

'/}wkc
Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 65KB - Virtual size: 65KB