MxaadnvQ[.]cpl | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MxaadnvQ.cpl
Size

1KB
MD5

08095785077cbf328dd444ce87b6c6ec
SHA1

62d705c9351412a696b8d5b64ab60c0aec6587cd
SHA256

9214511fe8a58f2c366798e9d38b5aceb005cf695a86b18dddd577150b4b3d31
SHA512

4b9cc0136a18fa679a00b2395329dcd931d1dda1e488084ab184ec054b2783a7b01569b3fc1d0dd6f3ce7b9c47f62bafdc126fc2ed915248cc58a395863df78c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume9/RECYCLER/S-3-5-01-4621304173-6055156028-813125507-4057/MxaadnvQ.cpl

Files

MxaadnvQ.cpl
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume9/RECYCLER/S-3-5-01-4621304173-6055156028-813125507-4057/MxaadnvQ.cpl
.dll windows x86

Password: S@ndb0x!2023@@

b6f391375d741ab65301de3824d105be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateMutexA
CreateProcessA
GetLastError
GetModuleFileNameA
ReleaseMutex
lstrcpyA
lstrlenA

Sections

.text
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json