c54882f183af5805d987ce4131e5a1ff

Sharing

Copy URL Twitter E-mail

General

Target

c54882f183af5805d987ce4131e5a1ff
Size

2.3MB
MD5

c54882f183af5805d987ce4131e5a1ff
SHA1

3701c9e5726c1fbd264d6c18151e675dc53a6104
SHA256

98e9ff5b82f029334b542ecac59fc1eed3ddbd209ea1a274e523526793b08f1c
SHA512

cd84a7975e4aee002e7c87be5624601fef435e4dad638a9e48b6a84fc7a4ea2ba53d59e4bba1304cb3723df77c73306624667066b5b85be52d42f0eb67c73a8e
SSDEEP

49152:FCVoJODtYakMjymt1P+TYlTluAAmpzW6R0PJ8QWx44RVGERD0:4iJODKi1mTP+WE0PqNhRLD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ME3+21Tr-LNG/ME3+21Tr-LNG.exe

Files

c54882f183af5805d987ce4131e5a1ff
.zip
Download More Trainers, NoCd, NoDvD and Updates.url
ME3+21Tr-LNG/ME3+21Tr-LNG - I.N.F.O.txt
ME3+21Tr-LNG/ME3+21Tr-LNG.exe
.exe windows:4 windows x86 arch:x86

8273d30113af3c7aeac92ae7e9d0db6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrToUnicode

kernel32

CreateThread
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

winmm

waveOutOpen

user32

MessageBoxA

Exports

Exports

�ahz�� ]c÷��FQY��:�q�F4rU��%��[]K��J�?[V�*E�y�-��?[� W��(u��.%�0�� 8��X��Y��&��g��+KD��B�uI�Y�6��z��>�|��P��YY��2Dsa�^U� �'�%�C1_��Y+&Q�6z�4B|��s�B��o�r��_��U��]K "e��L�&��igAɡ�ד�,��M��[�.d��r6��F��2��@��Bo��ђR�9��N]3S�;H�Z�5!��P��9SP2�(�߲R.v��#�$�ߣ�,�?Yg��Gu��͓�AK��g�jk��>�_�F��^�c�l�ک&� �ŰX�+��lA�mP��ƪ-Y��e��8�PBn0�q��%��`VE��uP��޷�%��_�Qw�-ww�y{�~��"�I�R��R�9�^�\�#��aB��d��0��̹1��d�E�M�sE�/�Y��~J^��N�8��Ya��(�*��K�gJ�DV��89�+x��v��X�޽��МZ��:�E�ǃddO�7�\�T��| �G��B��ߢLl\qj��;Dlv"0b��;O�?��L��+z��w�l�� M��ϟ�V1�y�]��m$�gѳ�r��H�;{��D�Jg�S޲i`;�,��N�z��`2��QO9�~^��F|w�tX��\,��h��1��l:��a[Z2��<�j�g��Z�u�0�ä��ǉU�dS�K��XA�%@h]Tg��YG_�o밣��φ��?�MԳ�3��W�.�$l�d�8{kV��g�;��3O,?�@}�)X6d]c��W��zEg�(��2��@�� )�ߡ K�ޞ|�b[az50�a��d�"'��c��Nӗ��X�J��ۍ�B��uհ�X�!��w�%�t�V�=@��_{�7�S��,xr�Q�Ϋ��7�ؗ��'#5��K��o�te�v�P��m�~��Er RؓO)u)%-K�h m�q��ҁD:�1I�6��P�=;�+2�<�>;<~΄�#2��T �!��r>7i��܄�\��7��a�)��LA��nN�H�^ꧧ��U�<3��0�� ej �UhJn�<�ܥ�zGݺ��f�Z��Z��'��n7��)��VIm ��6��{�Rn�vn$Kq*��U��r;V��y��WP�TK�,b�zJ��!X��Y�h�e0H9I ��g��N�b� K�-<-T�礂�xG�f�l^�� ^f��mb�ѹ�C�:z��+ňv8K%k��{�։��~�+��fݢ�B�<๣�fr_4��l�L�C��,SD��|CG94�O��ea3k@�@?qh=�zf��8��N�A��QYB�X��2��`�+˨S�u� '��J؇M^��g��ڞp|��EY��SЫ�@#��M�/�Α"+��3��*1?5��s�T Z��f�Q��SrF��F7��T��nb׈�qn��Sn��d��7�q׮�Т�7�`q�ZWp�3�Cw��;a��6��}��+��A��ш|�G㾒��g�ؿ��\nV�F4��,�� *"&& ��wi��!��Y%�dWu��^~��$�$R��B�H��*��)O�� z�^��s�e?3j:"��\{>糵%�%�hɝ��-��N��]��"��B6�Q��E� ^� ܫ��/0�L�"G�5��/N��m"��T��_n�]��Q�BTb\��Ȣ�n|�d�.��|' Ue��7,�'ْ�)y\�� {��\�*p/�C��K�%m��F� C��n3�� >{D#��|��2wS�c�8l0Ȣ }1O�k[(HI%��:� �bm��v��7��(�n��[J��w�+�$ �we�N�vĒ��f��e��KU�1gM��\.祲�p'��Ҙ._-�0\� ]\)�L��'��?>!�e�fO�Wu�D��I�_7��T��3��V��``�Ky��%��{�X�/�Uhfh�z�%��ꉖxʮ��A�9k��αp*��&��-�T�?@� J�b�:��_�'�u��zoB�1��{g��I��C��"� сa-Ɍ�$��:X��Vk��V�Ӭ��P��_��?U&�M�y r�Q��X��QPOQ>`3$�F[!�l��E.,��ڱIO��K�a��K�?w^lNNWj��\[�y'0R�ֽ��*��iD�+��`%1�+jޟ��ˋ�jW߽��SKӰq�i��l,hU>(t8 i�ZPг��A�Ov�r�n��U�Vf�%&��J�4��ץ0��\��.��w4n�- N��,~�R[ᙜ�z�.��b|�l�%btY��8�.^��]�R�9�s��R��S�]V�%ms� rේb�t�K��t��ɐ�b�0T3[��" ��K�D��['��"�� ߱)* �~*�D��#W�%��4N��.�&6UV~�7>�ED�2��R{U��hV�kg��Q6�}��(:N�\�S��~l�6��C�}��=1�,�adϪ�NO~��s�ܨ`��R��;��;y�zLO ��.�P�w��a6�l�0I��͡p�=��h^�%��ؤ|�*��8��1��?�eq��J�N�.�~��Zckm@�[��M"́@S�3��>��O��I�:TJ��R��5��hBjڀ+�+��s��Y3:�ʊ��؎��^p�&��a��ZF@{Ghgt�Yk�*�ɢP1̝�ZN��m��Փv��:Z�-rTOA�v�N�j�7��\�(�v�Y�T*

Sections

.text
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VCrypt0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VCrypt1
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ME3+21Tr-LNG/VERY IMPORTANT!.txt
readme.txt
 ᪠砭  ᠩ PlayGround.ru.url
.url

Sharing

General

Malware Config

Signatures

Files

8273d30113af3c7aeac92ae7e9d0db6b

Headers

File Characteristics

Imports

msvbvm60

kernel32

winmm

user32

Exports

Exports

Sections

.text Size: - Virtual size: 3.5MB

.data Size: - Virtual size: 84KB

.rsrc Size: 21KB - Virtual size: 1.3MB

.VCrypt0 Size: - Virtual size: 1.5MB

.tls Size: 512B - Virtual size: 24B

.VCrypt1 Size: 2.3MB - Virtual size: 2.3MB

.text
Size: - Virtual size: 3.5MB

.data
Size: - Virtual size: 84KB

.rsrc
Size: 21KB - Virtual size: 1.3MB

.VCrypt0
Size: - Virtual size: 1.5MB

.tls
Size: 512B - Virtual size: 24B

.VCrypt1
Size: 2.3MB - Virtual size: 2.3MB