Xlag 3[.]0[.]zip

General

Target

Xlag 3.0.zip
Size

1.5MB
MD5

e68a41d7e5013061c2368d14533cd438
SHA1

9d34379857f5df0123bc8db79c2bf6d15c760e41
SHA256

5845691070caeda0d6b61218e1500d3fd3b3e475659d90ab191852fb503a5ec7
SHA512

698cfc1061b0ec69b14cafcf378d9d0347fe0a3c1786f40b1e4d3456cd39fda5eb204f38a06d4f864d195c46b74b4c81307c0bd90c1abaa30745cfa84f69e568
SSDEEP

49152:z30maogc2JerCd+t0dmbKVWXpZIaZnOqDgRp:haogc2gCd2kmuVWZ/OqMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Xlag 3.0/Xlag 3.0/Xlag 3.0/DevComponents.DotNetBar2.dll
unpack001/Xlag 3.0/Xlag 3.0/Xlag 3.0/Xlag 3.0.exe

Files

Xlag 3.0.zip
.zip
Xlag 3.0/Xlag 3.0/Xlag 3.0/DevComponents.DotNetBar2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.textxc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.datax
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Xlag 3.0/Xlag 3.0/Xlag 3.0/Xlag 3.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Josh\My Documents\XLAG3BETTER\Xlag3\Xlag3\obj\x86\Release\Xlag3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.textxc Size: 4.1MB - Virtual size: 4.1MB

.datax Size: 8KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 86B

.reloc Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 1KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 334KB - Virtual size: 334KB

.sdata Size: 512B - Virtual size: 146B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 12B

.textxc
Size: 4.1MB - Virtual size: 4.1MB

.datax
Size: 8KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 86B

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 334KB - Virtual size: 334KB

.sdata
Size: 512B - Virtual size: 146B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 12B