OptiCraft[.]exe | Triage

Sharing

General

Target

OptiCraft.exe
Size

103.1MB
MD5

fa1e2d0025f4c943cd4959cd5d006b41
SHA1

ef54fc77c8ba18b4d4000ed3baeedcac12fc0fee
SHA256

4ee94bd36928819258f5ebefe7ca0f44a9aa9d9b3795c2565545ed30c83fcd05
SHA512

7a5ab5a19746ff70dfad5644c8db60c869719a5b08654014733a81de304a70aa03c39ae60a67ecc76c06fd4be2c299f453b2ed382edc3470eb66ce30237cae13
SSDEEP

1572864:9GGcQZcg9gRPpzhphqxBYM4/L8GiYl4wHc3nv4HI8+7s0zr9kPK35A/P5/2tyC00:l8Nphq/YM4Lc40zrf060Hllv8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OptiCraft.exe

Files

OptiCraft.exe
.exe windows:6 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

Size: 73.5MB - Virtual size: 73.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.0MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hmmfvebw
Size: 23.6MB - Virtual size: 23.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

epfnaioh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE