AVM[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AVM.exe
Size

27.5MB
MD5

7c9ca4d1eb152d98cb1aa9513d033913
SHA1

a8317c87bf77103697469aaf63b3c1c6e3f32759
SHA256

cb6704b84c4c37039244662f45fd1042d8e0ff71a32a80b89efd1c57f79b5354
SHA512

f8c6729abadf65e27be8e1daa0ce1d053cef74bcac0b1e86f7ff8ac686be73e54da3550e8ca310a0c5fc48c0cd53e8880f824210e18613198693fdc946390f57
SSDEEP

393216:1z+9o/lXeOUH6OvBrS2XWizDB+cSYXoddVaH/7KF8zdSyoMDALfL4yZwiC1yuq2z:1CrVWigONHjKGoY5q2aN1DTbrJPdrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AVM.exe

Files

AVM.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

cTfoj
Size: 26.9MB - Virtual size: 79.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DNj4N
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PFepj
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T8kTK
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

U6xmn
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

mSHIJ
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ