Software_1[.]30[.]1 (3578)[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Software_1.30.1 (3578).rar
Size

11.1MB
MD5

3663248bd48ac78a7f3075454a4e2e60
SHA1

12f283d55dc39e94cf001532f8f6949ee06ca3eb
SHA256

67dc973d3d8c99bb06d4005239c9d973c9b7045dd595adb1fac9cf589df18e81
SHA512

813263ea5df22733015aa04ba97bc52d5b6432f61e7abb22e8fa76898f7821c36bbd4c008c7eeed53aabd3bcfb708af438a67454a15edb9ab6691786f0b9c2df
SSDEEP

196608:qr1ZV35y+3TBPzY8XEg9qY4lyyZreVg94jW8JF7qh2g9FDNEcouVBrozC3El7OGm:y3gKBzY8J9qzx8g94SoFuhL9FaczozqB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Software_1.30.1.exe

Files

Software_1.30.1 (3578).rar
.rar

Password: 3578
Debug/Addition.dll
Debug/Autoupdater.ini
Debug/Cracker.dll
Debug/DebugPPF.tmp
Debug/DebugPPT.tmp
Debug/Helper.dll
Debug/Management.log
Debug/Resource.dll
Debug/main.ini
Language.pimx
Main.ini
Packaged/Main.ini
.xml
Packaged/Resource.dll
Packaged/Utils.dll
.xml
Software_1.30.1.exe
.exe windows:4 windows x86 arch:x86

Password: 3578

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\rje\tg\o\obj\Release\ojc.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ