DisplyyLoader (1)[.]exe | Triage

Resubmissions

23/11/2023, 14:55

231123-sam59aad47 5

23/11/2023, 14:52

231123-r8xlxaad39 5

Sharing

Copy URL Twitter E-mail

General

Target

DisplyyLoader (1).exe
Size

1.1MB
MD5

97230f3ecf03cbf1fff05f0fb4453c17
SHA1

b9b9e37e9c9f37ba681e87ffabf7a33f05cf6bca
SHA256

9713ac5ddebaabd75e0e5b7ad1d0d06d5e00e866e9f95719c9d57099ec0c4811
SHA512

ab97f35c5f3dea0a31db88e9d3f8dde3129a5eb8995dc9414e09c04e6b912307eafe7c476b87ba59320b946203ef80c48da7d399c7e6e839a36c74efc0232382
SSDEEP

24576:9xp5wDl6d09i6ye1BdldyMIv6S7GvUq1kgT/iF1YdC8Sea8o5:wlW09vzLyMlsmUq1XicdiT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DisplyyLoader (1).exe

Files

DisplyyLoader (1).exe
.exe windows:6 windows x64 arch:x64

4c5e1ab3b602c98f78b4a34a8bfcdeb9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

PathMakeUniqueName

advapi32

RegisterEventSourceA

user32

WaitMessage

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: - Virtual size: 621KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE