hyper_installed [.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hyper_installed .zip
Size

3.9MB
MD5

ba035cd43f33110baa0d760b78ef6a06
SHA1

a421d603be3f34ac2ef53515974dd73f0969c685
SHA256

ac426e21493afa3ee82c58787a6376cbbffe8facee5a80461466e0cb4c6d516b
SHA512

51cfb1de59594a7b7e67499421c4a033b6296e24156cb1b758ddebec534507160771d2b80befb43f34b1023b62b0b515a7029d0eaaf454d2f0caf18dbf502147
SSDEEP

49152:EDgGn00H5Vh3yARIE7svjDpufwUVCjJpzLZGWFjC13UYL3uMnFueCKCeG0iBkxt3:Cd0cJCAOj0fw7P0WxC13hLekueBJGs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hyper_installed .exe

Files

hyper_installed .zip
.zip
hyper_installed .exe
.exe windows x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 655.9MB - Virtual size: 655.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mnqntpcj
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tiitycjs
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE