Dope[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Dope.zip
Size

2.6MB
MD5

81fb5514afb073c771d581e0bf7e3454
SHA1

7add354a282933f1430c6665af920ae09518ded9
SHA256

9625805279945c4f5c59f294f4d20ad8b9c646bba9d2289c1f5b60bc027637d5
SHA512

bce6fa7535cd11c41b8a912395fd2b3315b121713ac4aa903fc86a591d6a485ac01b41382ba3a48ec680b1e5ada3308a2a936243c0c773f7a035dc9921f29121
SSDEEP

49152:/H2O+Y1jcbMHM3GCvZxfLaQyUIc/zXJgoHUrq6bIrK5ibmAbwvYlDOStmE1n:/H2O11jGMEtv/fL9yUL/zXJL0rq6MryG

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack003/new/AnyDesk (DOPP.IN).exe
unpack003/old/Dope.exe

Files

Dope.zip
.zip
Dope - Copia.zip
.zip
Dope - Copia - Copia.zip
.zip
new/AnyDesk (DOPP.IN).exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
new/how to use.txt
old/Dope.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\SSVERIFY\Desktop\DopeDev-main\Dope\Dope\obj\Debug\Dope.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
old/assets/Default.wav
old/assets/G303.wav
old/assets/G502.wav
old/assets/GPro.wav
old/assets/HP.wav
old/assets/Regular.wav

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 5.4MB - Virtual size: 5.4MB

.rsrc Size: 4KB - Virtual size: 4KB

.text Size: 512B - Virtual size: 77B

.text Size: 110KB - Virtual size: 109KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 250KB - Virtual size: 250KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 5.4MB - Virtual size: 5.4MB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 512B - Virtual size: 77B

.text
Size: 110KB - Virtual size: 109KB

.text
Size: 250KB - Virtual size: 250KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B