Signature-Cloner-main[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Signature-Cloner-main.zip
Size

443KB
MD5

59ca7c2296cc9ff757fd1458d2a460c0
SHA1

554c671011d5baec07bc2d3d569c612822f753c8
SHA256

436839f27f54c23331fe2f5af61971ef698683689942849f726800a17bc5e105
SHA512

9fc11299fe432562649d46688a5f67398e35a3d3bf4ffb521c848d241f9edbc80fdb16b2a84bb309194ddb103c51e579ee774f70d27b527f6e3d2c2aec002df9
SSDEEP

6144:WDIGmVcsRIozmEBcjYDdaeoTjS+9gNs79h9HjYdV0OJY8FksFvsJGqLdbCj1l:WcGycsRzNZDqW6Ms5h97OJHmBBdWJl

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Signature-Cloner-main/MaterialSkin.dll
unpack001/Signature-Cloner-main/Signature Cloner.exe

Files

Signature-Cloner-main.zip
.zip
Signature-Cloner-main/MaterialSkin.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\lilpr\Desktop\MaterialSkin\MaterialSkin\obj\Debug\MaterialSkin.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 574KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Signature-Cloner-main/Signature Cloner.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\lilpr\Documents\Visual Studio 2017\Projects\Signature Cloner\Signature Cloner\obj\Release\Signature Cloner.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Signature-Cloner-main/Signature Cloner.xml
.xml
Signature-Cloner-main/readme.txt

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 574KB - Virtual size: 573KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 377KB - Virtual size: 376KB

.rsrc Size: 363KB - Virtual size: 363KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 574KB - Virtual size: 573KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 377KB - Virtual size: 376KB

.rsrc
Size: 363KB - Virtual size: 363KB

.reloc
Size: 512B - Virtual size: 12B