VPNMonitorService[.]1[.]0[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

VPNMonitorService.1.0.rar
Size

18KB
MD5

1c61c2637e33d106c775d7da0585b0ce
SHA1

0a5e4bafe6c13ef511a4bfac54ff750360bda24a
SHA256

13dd628fa7b96ca7b45b94d1491e1b8fa5fc267af71c76049596c5d2e01e69f5
SHA512

29d001d1ebb9988b1e2cac1c202856a530e05cdcc6dc040923fdc4289348076921a4a4e7747b43710dfff078458f4f8240bbee96601438035d997511658ad2f3
SSDEEP

384:OiYBghuk+qvBc74wQdQtLS04v4hGH6C3Kg3palGkRQR32dvR1Z9iiupN:UDk+GxFdoctH3Kg8MkO2x6FN

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VPNMonitor.dll
unpack001/VPNMonitorService.exe

Files

VPNMonitorService.1.0.rar
.rar

Password: infected
VPNMonitor.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\My Programming\FW 30 Projects\VPNMonitor\VPNMonitor\obj\Debug\VPNMonitor.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VPNMonitor.ico
VPNMonitor.pdb
VPNMonitorService.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\My Programming\FW 30 Projects\VPNMonitor\VPNMonitorService\obj\Debug\VPNMonitorService.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VPNMonitorService.exe.config
VPNMonitorService.pdb

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 792B

.reloc Size: 512B - Virtual size: 12B

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B