General

  • Target

    Quarantined Messages.zip

  • Size

    451KB

  • MD5

    242daa5b67a5b5f0f52e542caa2cf05f

  • SHA1

    91a3e65171864068d6a3d67507f553ced35e9a13

  • SHA256

    cb038d447faf377c01c6b4f3d21386540215ec8db87e1281dbe415f9aab3fde9

  • SHA512

    6acb2d770081ef96b829bb738862db89981f0c73936f5cafecbe61a55d55a4154f6b3929212400b3f9d3904027533fa1366c155152c7b5873c6053ac78a282f0

  • SSDEEP

    12288:ItWFBLUrmurAkOJDdsFWsgzB/orTAmTTYl11YM0N3B:RFx8MkO5GFSooPmNR

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Quarantined Messages.zip
    .zip

    Password: infected

  • mf-polaris2001.zip
    .zip

    Password: infected

  • polaris2001/Addons/bookwarezfind.ini
    .vbs
  • polaris2001/Addons/clones1.ini
  • polaris2001/Addons/clones2.ini
  • polaris2001/Addons/clones3.ini
  • polaris2001/Addons/color-chg.ini
  • polaris2001/Addons/encrypt.ini
  • polaris2001/Addons/fileserver.ini
  • polaris2001/Addons/ftp_addon.ini
  • polaris2001/Addons/install.ini
  • polaris2001/Addons/maxcps.ini
  • polaris2001/Addons/search.ini
  • polaris2001/Addons/text.ini
  • polaris2001/Addons/urecords.ini
  • polaris2001/Addons/voice.ini
  • polaris2001/Docs/Settings.ini
  • polaris2001/Pager.wav
  • polaris2001/System/Aliases/advert.ini
  • polaris2001/System/Aliases/alias1.ini
  • polaris2001/System/Aliases/alias2.ini
  • polaris2001/System/Aliases/alias3.ini
  • polaris2001/System/Aliases/alias4.ini
  • polaris2001/System/Aliases/transfer.ini
  • polaris2001/System/country.ini
  • polaris2001/System/popups.ini
    .ps1
  • polaris2001/System/remotes/action.ini
  • polaris2001/System/remotes/chat.ini
  • polaris2001/System/remotes/close.ini
  • polaris2001/System/remotes/connect.ini
  • polaris2001/System/remotes/ctcp.ini
  • polaris2001/System/remotes/custom.ini
  • polaris2001/System/remotes/dalnet.ini
  • polaris2001/System/remotes/dcc.ini
  • polaris2001/System/remotes/dialog-1.ini
  • polaris2001/System/remotes/dialog-2.ini
  • polaris2001/System/remotes/disconnect.ini
  • polaris2001/System/remotes/input.ini
  • polaris2001/System/remotes/invite.ini
  • polaris2001/System/remotes/join.ini
  • polaris2001/System/remotes/kick.ini
  • polaris2001/System/remotes/menus.ini
  • polaris2001/System/remotes/modes.ini
  • polaris2001/System/remotes/newnet.ini
  • polaris2001/System/remotes/nick.ini
  • polaris2001/System/remotes/notice.ini
  • polaris2001/System/remotes/open.ini
  • polaris2001/System/remotes/other.ini
  • polaris2001/System/remotes/part.ini
  • polaris2001/System/remotes/quit.ini
  • polaris2001/System/remotes/raws.ini
  • polaris2001/System/remotes/relicnet.ini
  • polaris2001/System/remotes/serv.ini
  • polaris2001/System/remotes/snotice.ini
  • polaris2001/System/remotes/socks.ini
  • polaris2001/System/remotes/start.ini
  • polaris2001/System/remotes/table.ini
  • polaris2001/System/remotes/text.ini
  • polaris2001/System/remotes/topic.ini
  • polaris2001/System/remotes/wallops.ini
  • polaris2001/System/users.ini
  • polaris2001/System/vars.ini
  • polaris2001/Text/ANNOYING.TXT
  • polaris2001/Text/AOL.txt
  • polaris2001/Text/Adict.txt
  • polaris2001/Text/Kick.txt
  • polaris2001/Text/Mama.txt
  • polaris2001/Text/RedNeck.txt
  • polaris2001/channels.txt
  • polaris2001/disclaimer.txt
  • polaris2001/finger.txt
  • polaris2001/info.dll
  • polaris2001/ircintro.hlp
  • polaris2001/loader.bat
  • polaris2001/mirc.GID
  • polaris2001/mirc.hlp
  • polaris2001/mirc.ini
  • polaris2001/mlink32.exe
    .exe windows:1 windows x86 arch:x86

    Password: infected

    c3b0cb340b9064d5b99a6b8117a59195

  • polaris2001/polaris.bmp
  • polaris2001/servers.ini
  • polaris2001/urls.ini