Desktop[.]zip | Triage

Sharing

General

Target

Desktop.zip
Size

74KB
MD5

fae67169be756999a5d9cc083d8fd124
SHA1

16ecfc0ddb3a4dffaeadab1b7d9f5285977d48a1
SHA256

c379c9583715071fbc015975c864abffa5ceea349d3c5c8ba0c075963f4d134c
SHA512

fb1a6b301950f4a93fe8a77ce46f99dcbad0c625e875ae7b9b1922d6ed8e767d09bc4009a3378ecc2410b39ce206c7086df1d2e4cfc761e6e0313b41a70b68f2
SSDEEP

1536:XNZSFr+cgo+dHK2+OKd2X4X1SKGuqJarEW/bIDaMELziR8aqX4wWu:dAF0owH7JkSfW/b7MwiZC4Tu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MonkeModManager.exe

Files

Desktop.zip
.zip
MonkeModManager.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Furry\source\repos\MonkeyModFix\MonkeModManager\obj\Debug\MonkeModManager.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XWormRemover.bat