2024-09-13_67903a4fe1546a2ca01009f9f27a1bb8_hijackloader_karagany_mafia | Triage

Sharing

General

Target

2024-09-13_67903a4fe1546a2ca01009f9f27a1bb8_hijackloader_karagany_mafia
Size

15.5MB
MD5

67903a4fe1546a2ca01009f9f27a1bb8
SHA1

624162caaac2bd61435fc332307e75326ce0d0c4
SHA256

845e23d11b1ed563a00bc0903a4ff483d201b632644034216ecc46279d6aa7e2
SHA512

85d383a3df8a1a5655ba07d7b4dcd62f9483c273bda89326866bc135e69f70b907c4ec81cca8797be471f6ba61a245a8ae2770b780201d69ea505d267351e19a
SSDEEP

393216:ZTrbJj2ioLXR3T6i1eXzzuZirMkSB/mJozzinxvb:prbJjdcRWzzuwSk8zub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-13_67903a4fe1546a2ca01009f9f27a1bb8_hijackloader_karagany_mafia

Files

2024-09-13_67903a4fe1546a2ca01009f9f27a1bb8_hijackloader_karagany_mafia
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\SerGreen\Source\Repos\Appacker\UnpackerWindowless\obj\Release\UnpackerWindowless.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ