Nowy folder skompresowany (zip)[.]zip

General

Target

Nowy folder skompresowany (zip).zip
Size

290KB
MD5

d657618987ca5e8d67a15c81838785dc
SHA1

3c3131c08f44d32b3f4187ce554bab7f6ae05162
SHA256

28b0d06eeaffb56b82e4d983393ac5c7c7cb18795352399f563be33b6f4b321c
SHA512

8d049c44dd65f1f5fac715c791f009027aa80d5c46d117c9497e35ba3f96a59b1db897447044282b90c52cf25f29618b8873e2b68e5ee8fbe8ef009244ed224d
SSDEEP

6144:YBaqOi2+XbTW/El202xSJR2JC2SS8H/WmMpVmq63ptr:uaZMrfl20ZR2yMD0ptr

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Libs/CSInputs.dll
unpack001/TGMacro.exe

Files

Nowy folder skompresowany (zip).zip
.zip
Libs/CSInputs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\trksyln\Coding\trksyln.net\repos\CSInputs\obj\Debug\CSInputs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGMacro.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\trksyln\Coding\trksyln.net\repos\TGMacro\obj\Debug\TGMacro.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1011KB - Virtual size: 1010KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 17KB - Virtual size: 17KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1011KB - Virtual size: 1010KB

.rsrc Size: 113KB - Virtual size: 113KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1011KB - Virtual size: 1010KB

.rsrc
Size: 113KB - Virtual size: 113KB

.reloc
Size: 512B - Virtual size: 12B