a1fa97ac970d680c009e35a2cee15b1002f4498a61db3aebdf4ec304cb276d27 | Triage

Sharing

General

Target

a1fa97ac970d680c009e35a2cee15b1002f4498a61db3aebdf4ec304cb276d27
Size

9.7MB
MD5

b6d5550de49bc2e55457583e872cb7f7
SHA1

b99ddbe14253f2aacbddfb0643469066ae17ec17
SHA256

a1fa97ac970d680c009e35a2cee15b1002f4498a61db3aebdf4ec304cb276d27
SHA512

ecd25967fa529afb0e34aa296dcc6766fd6ec57256e7da090d498c94f21e401c4b898e3c1ba1d39179cc35131d7533192160a54b0768f684bb73786f5c720613
SSDEEP

196608:7V6TIa9ni9Us8Dm5sTUQl3rkqCkBc8zacJG7a8FKvxNpPgeNTOStx:7Eni9GkKrl3gqCkrzacGO88vdo6OS3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Momon Star Emerald/NUPS.exe

Files

a1fa97ac970d680c009e35a2cee15b1002f4498a61db3aebdf4ec304cb276d27
.zip
Moémon Star Emerald/Changed Evolutions.txt
Moémon Star Emerald/Changelog.txt
Moémon Star Emerald/Credits.txt
Moémon Star Emerald/Moémon Star Emerald.ups
Moémon Star Emerald/README.txt
Momon Star Emerald/NUPS.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Timo\Documents\Visual Studio 2008\Projects\Hacking\UPSpatcher\UPSpatcher\obj\Release\NUPS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ