EP35-CABAL[.]zip

General

Target

EP35-CABAL.zip
Size

2.1MB
MD5

94f21b180069e2676eb695ea60e85313
SHA1

b95d71ffb4fac616fe4da6c47b28f8baf208856b
SHA256

51511a9a1b7c852317af3a140271f65abdaccf2e14a4c5a9d98abb691b701828
SHA512

51ae161a99b70c325d7f7afcea9142d31d813dda9f2fbd3d2212caaac5cb22bb3b4c10506208a3f0e717732d472ae3084ee8ac03d6871c26a98612e22f8921e9
SSDEEP

49152:Ubhc5D+uEp31FiSN/se4JeUp71isUCKTvhvIzDv:Ulc5DS31FuneA19HShSDv

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bunifu_UI_v1.5.3.dll
unpack001/Kidd.exe

Files

EP35-CABAL.zip
.zip
Bunifu_UI_v1.5.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kidd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Source Codes\Visual Studio 2022\Projects\Kidd Trainer\Kidd - PH\Kidd\obj\Debug\Kidd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 234KB - Virtual size: 233KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 234KB - Virtual size: 233KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 2.5MB - Virtual size: 2.5MB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 512B - Virtual size: 12B