0c79282249e16575cc82664fcec0467842ef4483734a2bbb4487f8245d8be877

Sharing

Copy URL Twitter E-mail

General

Target

0c79282249e16575cc82664fcec0467842ef4483734a2bbb4487f8245d8be877
Size

8.7MB
MD5

cc246a9bfa4486a7d00a4a0bf1450638
SHA1

257f57345d4cfe0a3abd8d03d30af877c8562f52
SHA256

0c79282249e16575cc82664fcec0467842ef4483734a2bbb4487f8245d8be877
SHA512

2554e06a380aaeb1bdf79fc66ead18c7f633cab8df8f1e4ad904ba688fc8d3879550af37d24a265b3868f124c7e95c9382116b820e7f929c6d74b07daac4e18c
SSDEEP

196608:Obzl8VKmHKbzl8VKmHMbzl8VKmHcbzl8VKmHX:CBSKTBSKHBSKxBSKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DDOS1995/IRC.dll
unpack001/DDOS1995/log4net.dll
unpack001/DDOS1995/طوفان_الأقصى.exe

Files

0c79282249e16575cc82664fcec0467842ef4483734a2bbb4487f8245d8be877
.zip
DDOS1995/1915.txt
DDOS1995/Forbidden403.config
.xml
DDOS1995/Forbidden403.pdb
DDOS1995/IRC.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\rakwan\Downloads\DDOSsourcecode\DDOSsourcecode\IRC\obj\Debug\IRC.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDOS1995/IRC.pdb
DDOS1995/log4net.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\log4net\tags\1.2.15RC1\bin\net\2.0\release\log4net.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDOS1995/log4net.xml
.vbs .xml polyglot
DDOS1995/users.txt
DDOS1995/طوفان_الأقصى.config
.xml
DDOS1995/طوفان_الأقصى.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\rakwan\Downloads\DDOSsourcecode\DDOSsourcecode\obj\Debug\Forbidden403.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 86KB - Virtual size: 85KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 288KB - Virtual size: 286KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 6.5MB - Virtual size: 6.5MB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 288KB - Virtual size: 286KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 6.5MB - Virtual size: 6.5MB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 512B - Virtual size: 12B