slinky[.]zip | Triage

Sharing

General

Target

slinky.zip
Size

25.2MB
MD5

e20961e369d5b9765bce07a779354983
SHA1

59405b30def871768f0f9112ce230c4d2024ae7b
SHA256

fcb106827586304ef102ff328b1b34333b85c4303eadf5d42e4cfed1d6c73c3a
SHA512

7cf5bee0f76801beea4d9e80d2fcba28655638f4b53c5cfe8927b7529b1daff8e9977c9918c1abcbcfea9cdde6bc3b345bd3b0fc0ceb52589cd8e6b66d6f1ea2
SSDEEP

786432:jLP9NtAao+Z1bUSM8d0Rc/wA1anVLYEsF2hbo/m/x:H9Q1+ZtZMdRLjQ2hUu/x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/slinkyloader.exe

Files

slinky.zip
.zip
slinkyloader.rar
.rar
slinkyloader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 25.2MB - Virtual size: 25.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ