amaterasu-obf[.]exe | Triage

Resubmissions

13/12/2023, 03:01

231213-dh9lwsfcbm 3

15/01/2023, 04:15

230115-evjrnsdg5v 1

Sharing

Copy URL Twitter E-mail

General

Target

amaterasu-obf.exe
Size

1.9MB
MD5

3de455c4c750caa7470acf95d2484ff2
SHA1

0568c5bda212eaa8822783009ceca2019574f9cf
SHA256

385bbd7df3c0b0a64f5e2115c6bf1f241a637072c290e5885448b6c32b124e68
SHA512

927370d286ce3e8d8808b88cfb1b91bdf4731e909d2a085115e6c1a57e2ccc9e7636359e05706a694a65d1ee1c9071ac9d71b801373e01b450e287a5876db308
SSDEEP

24576:4r3ukW3sB2uRGoNXgBGZqxAgE6/qGQecwpOaXpJSvZBObspDdKDWLf:4ruH8fRGoaOD3iv1OaXpGOaQDWT

Score

N/A

Malware Config

Signatures

Files

amaterasu-obf.exe
.exe windows x64

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 1.9MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.foo
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ