mw2 thunder[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mw2 thunder.exe
Size

14.0MB
MD5

94b494ad7175bab3473892e7b90cec93
SHA1

07360e7a53699bfa288b8b181d85d6cec6472d32
SHA256

9883a23abbf83021560e44d5f15ef10813b53c1e251a39fc68a8970aaba47202
SHA512

788f53a8aca4a14f6f204b94f3ee64d1fb7dee0c3a5cd2a75ec72bae81803c8cbb27b904c05b483161aeba75c199ac588433848518c1357e785ec251e4c97bff
SSDEEP

196608:UlSWY69bViuNisSxVGdxALc4Y3rMkEJf2hy84uHGIUxRNIE6akBz5YxAVuR5x2Rb:GT7XR4YrtEF2hy84XRSNjSxA5RiRNSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mw2 thunder.exe

Files

mw2 thunder.exe
.exe windows:6 windows x64 arch:x64

1c9e07af67348622700778228d2e8f08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_0
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_2
Size: 13.9MB - Virtual size: 13.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ