LOGS URL[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

LOGS URL.zip
Size

352KB
MD5

1ac8f23131537d54032a3cfe7f6bed00
SHA1

0c4cb7599d9744fa9e50b72b1254de6676d267d1
SHA256

edcbcc6de354276df9862a7d17e60d45fec118f7309232e8bb62fc9e458205d3
SHA512

1ba0b348b7f807047b3c013a9064133a3184256bc707a631948bc77da331b9d3ecb0ca17526a84af769c80347397f6762860b8ae247e8db1c9d2013c4eca5df6
SSDEEP

6144:tPZASWSLGEiQuSTVV26x61f2uCSMKqJbst5ALfmi8vvs0mD2lUukZBsbilHcJTQI:tPZNWF9QF61f2uCqqSt5A77OpYBsTQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/LOGS URL/LOGS_URL.exe
unpack001/LOGS URL/MetroSuite 2.0.dll
unpack001/LOGS URL/Ookii.Dialogs.Wpf.dll

Files

LOGS URL.zip
.zip

Password: tr
LOGS URL/LOGS_URL.exe
.exe windows:4 windows x86 arch:x86

Password: tr

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LOGS URL/MetroSuite 2.0.dll
.dll windows:4 windows x86 arch:x86

Password: tr

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Martin\Documents\Visual Studio 2013\Projects\MetroSuite 2.0\MetroSuite 2.0\obj\Debug\MetroSuite 2.0.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LOGS URL/Ookii.Dialogs.Wpf.dll
.dll windows:4 windows x86 arch:x86

Password: tr

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\ookii-dialogs-wpf\ookii-dialogs-wpf\src\Ookii.Dialogs.Wpf\obj\Release\net462\Ookii.Dialogs.Wpf.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Password.txt

Sharing

General

Malware Config

Signatures

Files

Password: tr

Password: tr

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 258KB - Virtual size: 258KB

.rsrc Size: 83KB - Virtual size: 82KB

.reloc Size: 512B - Virtual size: 12B

Password: tr

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 291KB - Virtual size: 290KB

.sdata Size: 512B - Virtual size: 312B

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 12B

Password: tr

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 100KB - Virtual size: 100KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 258KB - Virtual size: 258KB

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 291KB - Virtual size: 290KB

.sdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B