62692b628b6f534f6c1e80471e1f9f92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62692b628b6f534f6c1e80471e1f9f92
Size

884KB
MD5

62692b628b6f534f6c1e80471e1f9f92
SHA1

7dcfebfe7c6e244da9e1336d6f2166c2795de3ee
SHA256

dcee70f6b15ebe8c181751458387a5196a347a13963e0a11d602485af4d47551
SHA512

ea3684a43516085374eadf3dc6e638357e76adc72a198daef2766bb3f5b801e3f82707406bc325cdbc656ca98e4119cef5e69629c48b379b1192786dc463802e
SSDEEP

24576:GtF3hJvcA93+LVN9Vfg8jS6qV/6IF7wX5X5EQ:GtxHvcU+Y8j7q8I+pJEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Two Worlds II v1.0 + 6 Trainer.exe

Files

62692b628b6f534f6c1e80471e1f9f92
.zip
README.txt
Two Worlds II v1.0 + 6 Trainer.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 862KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
file verification.txt
h4x0r.nfo