bob manager[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

bob manager.rar
Size

1.7MB
MD5

22638fea7d206fd84a5e50daffd068ef
SHA1

b25f5c1578ab3599132ad0af9f22d2477f29e0ad
SHA256

32642e12459117c4d8a680edbc9fbe2be872a2d998f0bdde424dcb88552bf393
SHA512

0bf800ee002e0a773227b65dddd8504e8f1303376f0bb604678e958969f69eeb3e88f0ce0c1ea6f9ea2bef2ed0ab1c6bc52e7f55136d23370df840a883e6e68f
SSDEEP

49152:1IjPGQ6HplLA63gCF1VO/SOLKKIDl0Xjn3f7qnJ:1IjeQ6PLAsDGSUK5xAqJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MHW_ModManager.exe
unpack001/ModManagerData/7z.dll

Files

bob manager.rar
.rar
MHW_ModManager.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\GitSynced\MHWModManager\MHW_ModManager\obj\Debug\MHW_ModManager.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ModManagerData/7z.dll
.dll windows:5 windows x86 arch:x86

fdfc27674603cc16ced1fb097b8d5970

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
WaitForMultipleObjects
VirtualFree
GetProcAddress
VirtualAlloc
GetModuleHandleA
WaitForSingleObject
SetEvent
InitializeCriticalSection
CreateEventA
CreateSemaphoreA
ReleaseSemaphore
ResetEvent
CloseHandle
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CompareFileTime
SetLastError
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA
ReadFile
WriteFile
GetSystemInfo
DosDateTimeToFileTime
FileTimeToDosDateTime
GetSystemTime
SystemTimeToFileTime
GetStringTypeW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
LoadLibraryW
HeapAlloc
HeapFree
EncodePointer
DecodePointer
ExitThread
CreateThread
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
Sleep
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException

user32

CharNextA
CharLowerW
CharUpperW
CharLowerA
CharUpperA
CharPrevExA

oleaut32

VariantCopy
SysFreeString
SysAllocString
VariantClear
SysAllocStringByteLen

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 896KB - Virtual size: 895KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 92KB - Virtual size: 92KB

.reloc Size: 512B - Virtual size: 12B

fdfc27674603cc16ced1fb097b8d5970

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 896KB - Virtual size: 895KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 30KB - Virtual size: 55KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 57KB - Virtual size: 56KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 92KB - Virtual size: 92KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 896KB - Virtual size: 895KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 30KB - Virtual size: 55KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 57KB - Virtual size: 56KB