SwissArmySuite[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

SwissArmySuite.zip
Size

33.6MB
MD5

43a2c8d8d0b226bda140b1e4867b74db
SHA1

a041dcc61b5a2ef098f3c12dcc24b05d4b573ed4
SHA256

4a665905b9f38b14bdf6df4534d4be7e1f1f66e18c117fdf09bf3ae113e7f9ae
SHA512

4c2f1e48c599bef7923d6d923973a25e8569a31851b3ad07e4debc0a3f996142959a785d23ed7f55903c290bea573a6bf9d014231bf9bed72776838ef46ce5a9
SSDEEP

786432:/023Xy+8BYtbiDogGMhRNenIWUvCMIJQHdPBRfTSig78vflQ4p:/pC+gw6HNeIxvCRS9D7mAvy4p

Score

3^/10

Malware Config

Signatures

Embeds OpenSSL 1 IoCs

Embeds OpenSSL, may be used to circumvent TLS interception.

Processes:

resource	yara_rule
static1/unpack001/SwissArmySuite/SwissArmySuite	embeds_openssl

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/SwissArmySuite/SwissArmySuite.exe

Files

SwissArmySuite.zip
.zip
SwissArmySuite/SwissArmySuite
.elf linux x64
SwissArmySuite/SwissArmySuite.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19.4MB - Virtual size: 19.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SwissArmySuite/antipub.db
SwissArmySuite/config.json
SwissArmySuite/output/checker/2024-11-17_04-43-10.txt
SwissArmySuite/output/checker/2024-11-18_08-53-33.txt
SwissArmySuite/output/checker/2024-11-18_09-31-38.txt
SwissArmySuite/output/checker/2024-11-18_11-17-08.txt
SwissArmySuite/output/urls/2024-07-08_23-47-41/all.txt
SwissArmySuite/output/urls/2024-07-08_23-56-11/all.txt
SwissArmySuite/output/urls/2024-07-08_23-56-11/filtered.txt
SwissArmySuite/output/urls/2024-07-11_23-02-11/all.txt
SwissArmySuite/output/urls/2024-07-11_23-02-11/filtered.txt
SwissArmySuite/output/urls/2024-11-03_09-25-16/all.txt
SwissArmySuite/output/urls/2024-11-03_09-25-16/filtered.txt
SwissArmySuite/output/urls/2024-11-04_11-34-13/all.txt
SwissArmySuite/output/urls/2024-11-04_11-34-13/filtered.txt
SwissArmySuite/output/urls/2024-11-05_13-00-57/all.txt
SwissArmySuite/output/urls/2024-11-05_13-00-57/filtered.txt
SwissArmySuite/output/urls/2024-11-09_11-27-41/all.txt
SwissArmySuite/output/urls/2024-11-09_11-27-41/filtered.txt
SwissArmySuite/output/urls/2024-11-10_06-47-25/all.txt
SwissArmySuite/output/urls/2024-11-10_09-11-32/all.txt
SwissArmySuite/output/urls/2024-11-10_09-11-32/filtered.txt
SwissArmySuite/output/urls/2024-11-12_10-42-37/all.txt
SwissArmySuite/output/urls/2024-11-12_10-42-37/filtered.txt
SwissArmySuite/output/urls/2024-11-12_10-52-53/all.txt
SwissArmySuite/output/urls/2024-11-12_10-52-53/filtered.txt
SwissArmySuite/output/urls/2024-11-12_11-02-19/all.txt
SwissArmySuite/output/urls/2024-11-12_11-02-19/filtered.txt
SwissArmySuite/output/urls/2024-11-12_11-28-45/all.txt
SwissArmySuite/output/urls/2024-11-12_11-28-45/filtered.txt
SwissArmySuite/output/urls/2024-11-12_11-32-30/all.txt
SwissArmySuite/output/urls/2024-11-12_16-23-34/all.txt
SwissArmySuite/output/urls/2024-11-12_16-23-34/filtered.txt
SwissArmySuite/output/urls/2024-11-13_00-47-41/all.txt
SwissArmySuite/output/urls/2024-11-13_12-36-16/all.txt
SwissArmySuite/output/urls/2024-11-13_12-36-16/filtered.txt
SwissArmySuite/output/urls/2024-11-13_14-39-22/all.txt
SwissArmySuite/output/urls/2024-11-13_14-39-22/filtered.txt
SwissArmySuite/output/urls/2024-11-13_15-25-12/all.txt
SwissArmySuite/output/urls/2024-11-13_15-25-12/filtered.txt
SwissArmySuite/output/urls/2024-11-13_16-12-01/all.txt
SwissArmySuite/output/urls/2024-11-13_16-12-01/filtered.txt
SwissArmySuite/output/urls/2024-11-14_10-09-15/all.txt
SwissArmySuite/output/urls/2024-11-15_03-47-39/all.txt
SwissArmySuite/output/urls/2024-11-15_03-47-39/filtered.txt
SwissArmySuite/output/urls/2024-11-16_10-18-46/all.txt
SwissArmySuite/output/urls/2024-11-16_10-18-46/filtered.txt
SwissArmySuite/output/urls/2024-11-16_10-39-22/all.txt
SwissArmySuite/output/urls/2024-11-16_10-39-22/filtered.txt
SwissArmySuite/output/urls/2024-11-16_12-54-27/all.txt
SwissArmySuite/output/urls/2024-11-16_12-54-27/filtered.txt
SwissArmySuite/output/urls/2024-11-16_17-16-16/all.txt
SwissArmySuite/output/urls/2024-11-16_17-16-16/filtered.txt
SwissArmySuite/output/urls/2024-11-17_00-01-12/all.txt
SwissArmySuite/output/urls/2024-11-17_04-51-21/all.txt
SwissArmySuite/output/urls/2024-11-17_04-51-21/filtered.txt
SwissArmySuite/output/urls/2024-11-17_04-56-50/all.txt
SwissArmySuite/output/urls/2024-11-17_04-56-50/filtered.txt
SwissArmySuite/output/urls/2024-11-17_08-49-06/all.txt
SwissArmySuite/output/urls/2024-11-17_08-49-06/filtered.txt
SwissArmySuite/output/urls/2024-11-17_11-21-14/all.txt
SwissArmySuite/output/urls/2024-11-17_11-21-14/filtered.txt
SwissArmySuite/output/urls/2024-11-17_14-36-32/all.txt
SwissArmySuite/output/urls/2024-11-17_14-36-32/filtered.txt
SwissArmySuite/output/vulns/2024-07-11_23-27-05/all.txt
SwissArmySuite/output/vulns/2024-07-11_23-27-05/mysql.txt
SwissArmySuite/output/vulns/2024-07-11_23-27-05/pgsql.txt
SwissArmySuite/output/vulns/2024-07-11_23-27-05/wafs.txt
SwissArmySuite/tokens/de.txt
SwissArmySuite/tokens/pt.txt
SwissArmySuite/tokens/sf.txt

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 19.4MB - Virtual size: 19.4MB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 19.4MB - Virtual size: 19.4MB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 512B - Virtual size: 12B