2PTvWY9MBG[.]zip

General

Target

2PTvWY9MBG.zip
Size

5.3MB
MD5

0ab31b85dc4075d788c072e23e270e20
SHA1

d9f0422356adab49e717c3faca0b865db9194ab1
SHA256

5d5f60a4199439081f4f1a4bc86a753a5a2695d513fff5d1ece7829ae29d42df
SHA512

638450adebb19ca966ef2a675404b0f5ae89d6d490c9861c6194921c58ff7940888a8d7475ddad32264744db9bab81cbc16cc6833e769d88e80195bc829aae12
SSDEEP

98304:2pladmVQxVyT3Fl7M/ztiYCdlUQWqeqyEv9/t7lxgFrGHG1b+63z:QajxVyZl7M/ztibSXNY9hgMGA6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2PTvWY9MBG.exe
unpack001/Dapper.dll

Files

2PTvWY9MBG.zip
.zip
2PTvWY9MBG.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

/;?6?^/]
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ro^%F_!x
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/B<h;.;O
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dapper.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

-iapC&~:
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

86O/TTQh
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

i*.,%[RO
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

|$VP:>Us
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ZHW:Y:)&
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

C_5l%8U#
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

/;?6?^/] Size: 2.2MB - Virtual size: 2.2MB

Ro^%F_!x Size: 3KB - Virtual size: 3KB

/B<h;.;O Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

-iapC&~: Size: - Virtual size: 1.5MB

86O/TTQh Size: - Virtual size: 1.7MB

i*.,%[RO Size: 512B - Virtual size: 8B

|$VP:>Us Size: 3.4MB - Virtual size: 3.4MB

ZHW:Y:)& Size: 1024B - Virtual size: 704B

C_5l%8U# Size: 512B - Virtual size: 12B

/;?6?^/]
Size: 2.2MB - Virtual size: 2.2MB

Ro^%F_!x
Size: 3KB - Virtual size: 3KB

/B<h;.;O
Size: 512B - Virtual size: 12B

-iapC&~:
Size: - Virtual size: 1.5MB

86O/TTQh
Size: - Virtual size: 1.7MB

i*.,%[RO
Size: 512B - Virtual size: 8B

|$VP:>Us
Size: 3.4MB - Virtual size: 3.4MB

ZHW:Y:)&
Size: 1024B - Virtual size: 704B

C_5l%8U#
Size: 512B - Virtual size: 12B