b8905f6f8f19e94430120996489874bb | Triage

Sharing

General

Target

b8905f6f8f19e94430120996489874bb
Size

9.5MB
MD5

b8905f6f8f19e94430120996489874bb
SHA1

0bdcb95b180731ef4be1ed122df26e36a63ddf23
SHA256

842e8fed840167f961513fc86cc65add49a4a1b15c30ffe8c6fd2e6e4eb3354e
SHA512

6f8644a9b905da8cb29e75b2bf28b03bc0bd1c00fe44b742d9c7965ec7c0bb222189db0283233f2caec32b1be95758488a1dd319221a86b8007f1129a2a75c3b
SSDEEP

196608:2NgfT0xfYus8L8BgG8c0bxz84IdGc/n3owzG4YI09ktJttazqpwtuvCmqhki:QgfoxflV8BgpcYxzTIgg4aMX964zqpwV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen.exe

Files

b8905f6f8f19e94430120996489874bb
.rar
SetupBadCDDVDRecovery.msi
.msi
keygen.exe
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gwjz854o
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9rylnibq
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE