Random Stealer[.]zip | Triage

Sharing

General

Target

Random Stealer.zip
Size

488KB
MD5

84c51e64742763fccae4fb750aebc178
SHA1

18f65a7f766540a43e366cc8e7fdc69020bc37ca
SHA256

b2989e3951250607a07156409b221cec2e2ba984c5f285a800cddb7399066b2f
SHA512

6d73eb57eabdd679a232d22ec8bfa25e49d4d42985db42f1e4cde86a08cb28768aacc2ee0338feb46c85df47bea17d6fb4dfe8c86b5552663b621752758cf7d3
SSDEEP

12288:Cehpo4pS6lMrIzRKq2Hx9oq8PsFg5EUo3gLVuBYDjJqZQ:Ce7oRrINAR9HXP3gJq6jJqy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/795af0703ab2ab7cfcfcc38449e7da1a20967be437e5877ee27da317b3991357.exe

Files

Random Stealer.zip
.zip
795af0703ab2ab7cfcfcc38449e7da1a20967be437e5877ee27da317b3991357.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Eusz.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 506KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ