HyperEdit-1[.]5[.]8_for-KSP-1[.]4[.]4[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HyperEdit-1.5.8_for-KSP-1.4.4.zip
Size

116KB
MD5

f95d61a210aef84429898e032e28b8e4
SHA1

121048ea199981626d5250c3d7c5cc6a4009a142
SHA256

3e2ca8ca9214215218882599c8f4f0b78798dbe5bf995552138033cf18c14a8b
SHA512

8b25ce9731b5835b98728e829cbea8d192dd7163bec522343db2b13f2f6ad80da57caaff1be38fac5d02c83a1bc79c7cfd6382ba1148430d9da44090c28d9796
SSDEEP

3072:jH3TkJ1XY/W3zd3tzi1YY5rZFInR4Z5MimsHVC3:jDkJFYe3R6z5HmRqFU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GameData/Kerbaltek/HyperEdit.dll

Files

HyperEdit-1.5.8_for-KSP-1.4.4.zip
.zip
GameData/Kerbaltek/Flags/Kerbaltek-Aerospace.png
.png
GameData/Kerbaltek/Flags/Kerbaltek-Rocket.png
.png
GameData/Kerbaltek/Flags/Kerbaltek-Satellite.png
.png
GameData/Kerbaltek/Flags/Kerbaltek-Spaceplane.png
.png
GameData/Kerbaltek/Flags/Kerbaltek-Station.png
.png
GameData/Kerbaltek/HyperEdit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\MyDocs2\GitHub\HyperEdit\obj\Release\HyperEdit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GameData/Kerbaltek/HyperEdit/HyperEdit.version
GameData/Kerbaltek/HyperEdit/HyperEdit_ReadMe.txt