CosmoHack_cs2[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CosmoHack_cs2.rar
Size

2.2MB
MD5

9272a97e2fc93ec1012bc364b7f4b6bb
SHA1

4143ec971ac3443456386ea1753c09cd7d10341d
SHA256

25c0e9ea7055c842a6110c8cdb0d1fa99cd6ff760db656c763df33fb53fe8971
SHA512

6e9b4a42bc05cc64d72b676809d8f76d665dae060bf4dfa46d3de79fd7e21a1a4611c51a905b0f30d86438499d6875ab7d87debd0848bb1f6543d8b41c00a310
SSDEEP

49152:VDm46w3anU/JGBvkWby2kkj2eivguRfuQWOANOm0R0:VaQ3VIBvkWbRdIIuRmQWm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CosmoHack_cs2.exe

Files

CosmoHack_cs2.rar
.rar
CosmoHack_cs2.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

"OR
Size: - Virtual size: 4.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b�bbb
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�bb�
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE