TGMacro[.]Portable[.]zip

General

Target

TGMacro.Portable.zip
Size

290KB
MD5

685ead528f0f338dfb22826fadcb533a
SHA1

b3fec6d359f2f9722eb26b563c91fa202dff6cb5
SHA256

8e985ce8d5e8fd51551f9d043daf7a8ed94284b347afd09906cf5de4a8eaa7a7
SHA512

bfc0b3c7df74c821744664b217d2f9a4124e64834db86d088a71d68a8a8ace0110a8d64c323309cae033a49fddc28ec589d50ce3e691da5a50ce3f015872379f
SSDEEP

6144:Ixte9USKIy5Sb8X057/UuuOoltOZp7tot52o5Ja0xR7wyRZY+65nM:5UUwS/UJGztSQyJNxVwQZd6BM

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Libs/CSInputs.dll
unpack001/TGMacro.exe

Files

TGMacro.Portable.zip
.zip
Libs/CSInputs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\trksyln\Coding\trksyln.net\repos\CSInputs\obj\Debug\CSInputs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGMacro.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\trksyln\Coding\trksyln.net\repos\TGMacro\obj\Debug\TGMacro.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1011KB - Virtual size: 1010KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 17KB - Virtual size: 17KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1011KB - Virtual size: 1010KB

.rsrc Size: 113KB - Virtual size: 113KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1011KB - Virtual size: 1010KB

.rsrc
Size: 113KB - Virtual size: 113KB

.reloc
Size: 512B - Virtual size: 12B