Origami[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Origami.zip
Size

14KB
MD5

5791755a9dd59cf975e3dd60af9c62c6
SHA1

f14b1ee5ce46ad6bbb7998bcd3712d800ee0f73d
SHA256

57c76e4c832ece79806e7a1ecc9458405cbc6a6f9006d954484f52bec513a5ac
SHA512

ab43214c17e47700a650bbf8c5c614714f2d1a06fdf16374329b4f6017923002ec876adc7ee071b7069b85f684758e37f785a301ae7e979052e667f0c48c9ba1
SSDEEP

384:oQL02bZj2cVB4vkDbYBW1vR/PGJQZXJK6887E5ABv:xj2eavcb9RG8RY5Ap

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Origami.exe
unpack001/Runtime.dll

Files

Origami.zip
.zip
Origami.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator.ADMINISTRATOR\Downloads\Origami-master\Origami-master\src\obj\x64\Release\net472\Origami.pdb

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Runtime.dll
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator.ADMINISTRATOR\Downloads\Origami-master\Origami-master\Runtime\obj\x64\Release\netstandard2.0\Runtime.pdb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ