Static task
static1
General
Target: New Compressed (zipped) Folder.zip
Size: 1.9MB
MD5: f186cc0d846dcf633fe58e4784eaf27e
SHA1: 085cf6e1b9eaf69a72509b79d6839a1214a87d28
SHA256: d4cfcf8ea9c78bcda6a1b1330557fe9da21fa13beeac6acc526b3dc53a87537a
SHA512: 187d722ceb9729f47b48f60e79fa43e6cb53841da20a0d127bca5c5687cc05aed11e02c61f38b85948bf117874c09522ae49cb09e8ece15e37da125403fe202c
SSDEEP: 49152:OS37JbtFfcqwsc75wwJnmJiRMtTJ+sc75wwJnmJiRMtTJ7:OoxK5H0vJg5H0vJ7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/DDR/BootstrapperV1.17.exe
Files
New Compressed (zipped) Folder.zip.zip
DDR/BootstrapperV1.17.exe.exe windows:4 windows x64 arch:x64
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 793KB - Virtual size: 793KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDR/DISCORD
DDR/workspace/3813107352.ttwizz
DDR/workspace/Aether/config.json
DDR/workspace/AlSploit/AlSploitConfiguration13.lua
DDR/workspace/AlSploit/Minecraft.otf
DDR/workspace/AlSploit/MinecraftFace.json
DDR/workspace/Aurora/config.json
DDR/workspace/CCD4E2DD5C26EE2AF5FA0A7487EBC8C9
DDR/workspace/DoorsSex/2440500124.txt
DDR/workspace/FluentSettings/options.json
DDR/workspace/IY_FE.iy
DDR/workspace/KadeHub/options.json
DDR/workspace/KavoConfig.JSON
DDR/workspace/LinoriaLibSettings/themes/default.txt
DDR/workspace/NEXAM_HUB_BLADE_BALL.json
DDR/workspace/NeutronAimbot/Universal/settings/ddr.json
DDR/workspace/NeutronAimbot/options.json
DDR/workspace/OrionTest/6035872082.txt
DDR/workspace/PPHUD/Arrow.png.png
DDR/workspace/PPHUD/Resize.png.png
DDR/workspace/Revenant/Circle.png.png
DDR/workspace/Rivals/options.json
DDR/workspace/Setting/DragonAdv.json
DDR/workspace/Sirius/Assets/startup.wav.html
DDR/workspace/Sirius/Music/readme.txt
DDR/workspace/Sirius/settings.srs
DDR/workspace/Sirius/version.srs
DDR/workspace/UISettings.ttwizz
DDR/workspace/clutch.lua/configs/Closet.json
DDR/workspace/dex/deps_version.dat
DDR/workspace/dex/rbx_api.dat
DDR/workspace/dex/rbx_rmd.dat
DDR/workspace/discordlibinfo.txt
DDR/workspace/pe8cPiJ.webm
DDR/workspace/venox_rival_key.txt
DDR/workspace/venoxware/6035872082.txt
DDR/workspace/venoxware/fat_man_yapping.webm
DDR/workspace/venoxware/key.txt