799456244a5900ab247497c706fef7305e45af704befde8694d8712f435172a7

Sharing

Copy URL Twitter E-mail

General

Target

799456244a5900ab247497c706fef7305e45af704befde8694d8712f435172a7
Size

198KB
MD5

bf78ee76045880cea0dea6898f5418f5
SHA1

b304cdb188ca458e99fc765ff59c9abe6afcae6f
SHA256

799456244a5900ab247497c706fef7305e45af704befde8694d8712f435172a7
SHA512

a86193f393a8a7088c62947d9aca6144f69d1c33e999cb0962e29634029614c50e62d5965b6d83201f9c182c5ce248bf1f8f258ab981e432719406a5f8edd96f
SSDEEP

6144:BjGJ1iR4zgr/VJWnhFIHReXTXYFiE/ebUA7:BjGJ4VJAIx2jYFH0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/wipefile/Interop.IWshRuntimeLibrary.dll
unpack001/wipefile/WipeFile.exe

Files

799456244a5900ab247497c706fef7305e45af704befde8694d8712f435172a7
.zip
wipefile/GnDown.url
.url
wipefile/Help/Help.de.html
.html
wipefile/Help/Help.en.html
.html
wipefile/Help/Help.fr.html
.html
wipefile/Help/common/appicon_32.png
.png
wipefile/Help/common/help.css
wipefile/Interop.IWshRuntimeLibrary.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wipefile/Languages/!!! Important Notes for Translators !!!.txt
wipefile/Languages/ar.Arabic.lng
wipefile/Languages/de.German.lng
wipefile/Languages/en.English.lng
wipefile/Languages/es.Spanish.lng
wipefile/Languages/fr.French.lng
wipefile/Languages/gr.Greek.lng
wipefile/Languages/hu.Hungarian.lng
wipefile/Languages/it.Italian.lng
wipefile/Languages/jp.Japanese.lng
wipefile/Languages/kr.Korean.lng
wipefile/Languages/nl.Dutch.lng
wipefile/Languages/pl.Polish.lng
wipefile/Languages/pt.Portuguese.lng
wipefile/Languages/ru.Russian.lng
wipefile/Languages/tr.Turkish.lng
wipefile/Languages/ua.Ukrainian.lng
wipefile/Languages/zh.Chinese (Simplified).lng
wipefile/Languages/zh.Chinese.lng
wipefile/WipeFile.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\DevProjects\WipeFile\WipeFile\obj\Release\WipeFile.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 34KB - Virtual size: 34KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 181KB - Virtual size: 180KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 34KB - Virtual size: 34KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 181KB - Virtual size: 180KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 12B