drive-download-20241004T232853Z-001[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

drive-download-20241004T232853Z-001.zip
Size

3.8MB
MD5

1687ebd4bf9a5701149657d398e4935c
SHA1

9b4afa92e4c1e64322317c32b490469c853020b4
SHA256

0efec8938d1c3ea5f8493daaec6bb0a6102d3ad70c56afbf1b1648557244cb51
SHA512

424f4f853a8244fa6c10c6b737b33d2eafee027fcc8b0d73ccc5c9b0daf7aba6afe6c3a0bed350c8be5b6d7e531b7398868817a4c3067c010831f8a2e15132e6
SSDEEP

98304:2WSBK6tp6potplcg3v6huRvx78ZoW/mcKRHZ/P1elc3HFuEHv98fAx9Yru/UGHPb:2Wqtp6potplcg3vZZxyoW/mcKRHZ/P8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ArchiveFix.exe

Files

drive-download-20241004T232853Z-001.zip
.zip
ArchiveFix.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

L:\tools\gta-toolkit\Tools\ArchiveFix\obj\Release\ArchiveFix.pdb

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
gtav_aes_key.dat
gtav_hash_lut.dat
gtav_ng_decrypt_tables.dat
gtav_ng_encrypt_luts.dat
gtav_ng_encrypt_tables.dat
gtav_ng_key.dat