0291aQyU[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

0291aQyU.zip
Size

183KB
MD5

0800a3f863a4aad46651a908a758e6f0
SHA1

fc3acf29f54b6689990f012e01d4de506971a851
SHA256

df67a043106e69b61f5308dd75b8b635f66cd104d048add6612e7d5fe03245c6
SHA512

8647ba1d977a01bd8625e5adf0aa50d043bc2da5a4c7819e179a5a2586aa26347e16969402b6fc6724d1a8ca61d644449737137f6c92856aa6482347d3dc845a
SSDEEP

1536:APfPxthoKI2FIivn+MR4mq2Yr4/CDFAhmBfH2mtZWnTF51JZKgVH85CzNpnqA+g/:WfPRI2muVGmW4/4f2meJIkkI/HJUw7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Release/Release/NiggaSploit.dll
unpack001/Release/Release/lizzy ware v4.exe

Files

0291aQyU.zip
.zip
Release/Release/NiggaSploit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\White Cat\Downloads\km\EvolveAPI\obj\Release\NiggaSploit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/Release/lizzy ware v4.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\yersi\source\repos\lizzy ware v4\lizzy ware v4\obj\Release\lizzy ware v4.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/Release/lizzy ware v4.exe.config
Release/Release/lizzy ware v4.pdb

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 141KB - Virtual size: 141KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B