vmware-workstation17-keygen-btcr[.]rar | Triage

Resubmissions

04/07/2023, 21:24

230704-z9b1lahg37 5

04/07/2023, 21:06

230704-zx219ahf82 5

Sharing

Copy URL Twitter E-mail

General

Target

vmware-workstation17-keygen-btcr.rar
Size

732KB
MD5

f42f1553636b42d70f14d67cd91d7227
SHA1

6f09d072fadf695f12c3291a6ac985ac6437e89e
SHA256

5cc034f97cd39a38595f694cdc5c250bd89534bbd824c0494ea73794eabad2c3
SHA512

50a0ac325c11a38615d06f6ded147cd767c51907cd8fcfd2b447480cb305ba3c37487ac876d4d5c6c95f8b0a9598e0713d328b4836e2ae26863174d84f5a2e25
SSDEEP

12288:O9+/mjlXi0R+AxiSe1laEXL+VRI4k0OBNRvuy9iHNiez4mrtEikIiveXiK+hkERz:Iom+Axi77+vecyy0mEik7Y4kEnCw9DZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen-Windows.exe

Files

vmware-workstation17-keygen-btcr.rar
.rar

Password: www.digiboy.ir
Keygen-Linux
.elf linux x64
Keygen-Windows.exe
.exe windows x86

Password: www.digiboy.ir

32a31fbc8bf28db3ee1293055ab37840

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

IsWindowEnabled

advapi32

RegOpenKeyExA

comctl32

ImageList_Create

Sections

.pdata
Size: - Virtual size: 1.1MB

IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE