drive-download-20240808T042056Z-001[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

drive-download-20240808T042056Z-001.zip
Size

69KB
MD5

5539dffae00972b7c738a65381134545
SHA1

74a2dba89756ec6d4c7ae5fe962ef43d5b7ab4fc
SHA256

fa73f18ebeb2d31afe3a277b3da4ec409dcef29a161d896451f7e513a7cf8794
SHA512

35ac53f090af89d74e19a7aa19d0007a7097be246e633a047e81284c519f24bb0972f8599539fb23acbfbd22c4d7617d2e3bbfc052b6c2d65e2914c99b9da9a9
SSDEEP

1536:INrSq+SYy0OqGmzH2RPBMalbTZGfUeX0uUXh4FxDlbD:crv+xjOpUAP6al5GMK0uohsdlbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WBorisXGTModder paid.exe

Files

drive-download-20240808T042056Z-001.zip
.zip
WBorisXGTModder paid.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\trevi\Downloads\INJECTOR_PUBLIC_UPDATE_2\INJECTOR_PUBLIC\INJECTOR_PUBLIC\obj\Debug\WBorisXGTModder paid.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WBorisXGTModder paid.exe.config
WBorisXGTModder paid.pdb