LoZ-OoT[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LoZ-OoT.zip
Size

909KB
MD5

17851d08532e0988a5b9b367f8c3ada2
SHA1

869aeca7b4622a11bec67a99a0b468848b97764d
SHA256

0d2817feb855d9f74fdfa56254def9f0275ca9376d2508261f8acdbb7b2a9a08
SHA512

c38c09f0bd5d379e55ee4b33f66c3f05f1b6a499a25bf25608ea389e913242c7b5d26815bf993974ba0b9c83ea576b198614c09ac19e857415b57a0b2f15f1bf
SSDEEP

24576:0W1ff4QxiwoFUq91PtOfd5zcvIUkJZ9GYcuVT2F5vJGGXuQnT/KNF:0Swciwo99WmjIFeTiNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Microsoft.WindowsAPICodePack.Core.dll
unpack001/The Legends of Zelda - Ocarina of Time.exe

Files

LoZ-OoT.zip
.zip
.Backgrounds/1.png
.png
.Backgrounds/2.png
.png
.Backgrounds/3.png
.png
.NPC/!down.png
.png
.NPC/!left.png
.png
.NPC/!pd.png
.png
.NPC/!right.png
.png
.NPC/!up.png
.png
.NPC/3death.png
.png
.NPC/3down.png
.png
.NPC/3left.png
.png
.NPC/3right.png
.png
.NPC/3up.png
.png
.NPC/Death.png
.png
.NPC/down.png
.png
.NPC/left.png
.png
.NPC/right.png
.png
.NPC/up.png
.png
.Sound/Bush.wav
.Sound/Get-Item.wav
.Sound/Get-Rupee.wav
.Sound/GetHeart.wav
.Sound/PauseMenu_Close.wav
.Sound/PauseMenu_Cursor.wav
.Sound/PauseMenu_Select.wav
.Sound/Steps-Dirt.wav
.Sound/hurt.wav
.level/24debug/mapsettings.ini
.level/24debug/playerInfo.ini
.level/24debug/proj.map
.level/dotlevel/.Backgrounds/1.png
.png
.level/dotlevel/.Backgrounds/3.png
.png
.level/dotlevel/.NPC/!down.png
.png
.level/dotlevel/.NPC/!left.png
.png
.level/dotlevel/.NPC/!pd.png
.png
.level/dotlevel/.NPC/!right.png
.png
.level/dotlevel/.NPC/!up.png
.png
.level/dotlevel/.NPC/3death.png
.png
.level/dotlevel/.NPC/3down.png
.png
.level/dotlevel/.NPC/3left.png
.png
.level/dotlevel/.NPC/3right.png
.png
.level/dotlevel/.NPC/3up.png
.png
.level/dotlevel/.NPC/Death.png
.png
.level/dotlevel/.NPC/down.png
.png
.level/dotlevel/.NPC/left.png
.png
.level/dotlevel/.NPC/right.png
.png
.level/dotlevel/.NPC/sup.png
.png
.level/dotlevel/.NPC/up.png
.png
.level/dotlevel/dotlevel.map
.level/dotlevel/enemie.texture
.level/dotlevel/player.texture
.level/level/.NPC/!down.png
.png
.level/level/.NPC/!left.png
.png
.level/level/.NPC/!pd.png
.png
.level/level/.NPC/!right.png
.png
.level/level/.NPC/!up.png
.png
.level/level/.NPC/3death.png
.png
.level/level/.NPC/3down.png
.png
.level/level/.NPC/3left.png
.png
.level/level/.NPC/3right.png
.png
.level/level/.NPC/3up.png
.png
.level/level/.Objects/Crate (Custom).ini
.level/level/.Objects/Object15.ini
.level/level/.Objects/X (1).ini
.level/level/.Objects/X (2).ini
.level/level/.Objects/X (3).ini
.level/level/.Objects/X (4).ini
.level/level/.Objects/X (5).ini
.level/level/.Objects/X (6).ini
.level/level/.Objects/X (7).ini
.level/level/.Objects/X (8).ini
.level/level/.Objects/Y (1).ini
.level/level/.Objects/Y (2).ini
.level/level/.Objects/Y (3).ini
.level/level/.Objects/Y (4).ini
.level/level/.Objects/Y (5).ini
.level/level/.Objects/Y (6).ini
.level/level/.Objects/Y (7).ini
.level/level/mapsettings.ini
.level/level/playerInfo.ini
.level/level/proj.map
Microsoft.WindowsAPICodePack.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Development\GitHub\Windows-API-CodePack-NET\Source\Current\Windows API CodePack\Core\obj\Release\net472\Microsoft.WindowsAPICodePack.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
The Legends of Zelda - Ocarina of Time.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Repos\WindowsFormsApp2\WindowsFormsApp2\obj\Debug\Game.pdb

Sections

.text
Size: 445KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
playerInfo.ini
settings.ini

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 97KB - Virtual size: 97KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 445KB - Virtual size: 444KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 97KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 445KB - Virtual size: 444KB

.rsrc
Size: 5KB - Virtual size: 4KB