Renegade[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Renegade.zip
Size

20.5MB
MD5

d6ff751a066b4ae2e3a2b614fb300644
SHA1

2fc42b5d5d880edaefd6657ca5792b4f882fe9ae
SHA256

f40774a13f565958b2806c69f5edac7a3c38b9a00ff13a845d2c276211d29afb
SHA512

b78a56a03ec176dfca19d44b3701e1e11a74af4ee516207843c94072b997caac4dd5be64e7e6116849af9f34d0594bf4498ccfb26a01e380d3f0b586ba1329f9
SSDEEP

393216:BlZZiVhISliUD7YqyWo2Znp24E/9humYx+5FGi3aGTPNyz4HwzOp:7ZZcISliS7GDEnpy9fYx+GirTFI4QSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Renegade/Launcher.exe

Files

Renegade.zip
.zip

Password: 776688
Renegade/Launcher.exe
.exe windows:4 windows x86 arch:x86

Password: 776688

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Renegade/bin/libGLESv2.dll
Renegade/bin/nss3.dll
Renegade/compiler.dll
Renegade/conf
Renegade/enginev3.dll
Renegade/gkcodecs.dll
Renegade/icudtl.dat