Deep Rock Galactic Trainer +24 v1[.]36[.]71232[.]0[.]exe | Triage

Resubmissions

06/03/2024, 15:29

240306-sw8n3scb8v 3

Sharing

Copy URL Twitter E-mail

General

Target

Deep Rock Galactic Trainer +24 v1.36.71232.0.exe
Size

26KB
MD5

be408b7098651a4dd62b8d6895618de7
SHA1

f2b70a12f19e262fac490cef87b80e208a56ac81
SHA256

77f2bfdc7ac12f63464fe7ed79f61e1f288f0e3a48c91961ac22d4dd6621ba5a
SHA512

81b5f3e03916cc3c339e594b2195f1f4437c42019f4a25cc21b7de56ffd5b4330150ef3623fb6f475323bbcec3f9f3cebc3431d722ad2c328208975df3573fef
SSDEEP

384:cdbMXHNI/N9Oz2So3OC8VeHbnkTCEp+DW1KwdIbsCAmPJp+OcXLvBH53vTaln7Iq:cdbMXu/N7S4aeHLkmEgOKAGeX1L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Deep Rock Galactic Trainer +24 v1.36.71232.0.exe

Files

Deep Rock Galactic Trainer +24 v1.36.71232.0.exe
.exe windows:1 windows x64 arch:x64

Password: trainer

4e184f00bf6c133ec0e6c316eff1b239

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxW

Sections

.MPRESS1
Size: 21KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE