09082024_0213_08082024_install[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09082024_0213_08082024_install.zip
Size

109KB
MD5

a245a391bf192dc8cf44d1ec4c0d3e2d
SHA1

a7e8ea0c25f35804a4ec21cc284f74d5a784ea5b
SHA256

272e96a5a68552a78635c0dee99d3d620ab87f8c7667d97ac87d64916f07f143
SHA512

2fab180bc5ddfdbe3244d2454df77cb21aa10ec3a4563b4bea0e65adb65cd3f5f60078cf9c322a8f5157a36698b199d9439951a0e6df36bb05f4da8a09b9d9e6
SSDEEP

3072:MO4xjeuZ0Gdb+rYQpB3pADEea1yy61nT32eX:LQJ+9Agnoy61nTmA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/install/Silker2.gha

Files

09082024_0213_08082024_install.zip
.zip

Password: infected
install/Silker2.gha
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\liors\Desktop\ICD\MoA 2023\Silker2\Silker2\Silker2\obj\Debug\net48\Silker2.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
install/Silker2_Tester.gh
install/caccon mesh.gh