XB36Hazards_Launcher_v4(1)[.]zip | Triage

Sharing

General

Target

XB36Hazards_Launcher_v4(1).zip
Size

4.0MB
MD5

89038a1debe7024313b2b47dbad06aec
SHA1

0eaf518f0c4771c0a057c18db6873821e738c1fb
SHA256

bcc77155b20cc3a845dfe35255ec748c5d248ec8236691730c4612bc3de16fa1
SHA512

34c70a300ea49b21e6c47b142bf09042a45050a8d838f1bf7a1ba70d9ec1990814f043fd5f485f5ebb02990580f65e100a33af61d22bd53e1d1e268526b63351
SSDEEP

98304:i0lZZhM1jKTBsy6KPEBCgdaInHZ7tycP86Fi:i0lLhqjHcPEBtHZ5ycP86Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XB36Hazards Launcher.exe

Files

XB36Hazards_Launcher_v4(1).zip
.zip
XB36Hazards Launcher.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\XB36Hazard\Documents\Visual Studio 2015\Projects\XB36Hazard_Launcher\XB36Hazard_Launcher\obj\Release\XB36Hazards Launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ