AiR Keygen[.]exe | Triage

Resubmissions

13-03-2024 20:42

240313-zgzaesgc4s 3

13-03-2024 20:37

240313-zehvnaab98 3

Sharing

General

Target

AiR Keygen.exe
Size

76KB
MD5

f9fbd5dd6847d84062a43ad5f9160238
SHA1

3501eb33a19bac6fecf94e72066a872a72fb86dd
SHA256

957be4f4181d2e421b446d13157739369c8f44ddeddb0853dfbff2fda8b57dec
SHA512

d8e817e4bd0552a78c47e6c16ba739daabd507f1c6a55774b7735625a21dddea53b55a05703f4dc4d95335be5d6dbfd5f5e2c0ae8a8dcf9b0dfb30050c5c79cc
SSDEEP

1536:2C8IEL4rq4/oz0ze7FX7ba+eIEpKVnMTwIYk1HJ:CIELj/0CJrbLZEGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AiR Keygen.exe

Files

AiR Keygen.exe
.exe windows:4 windows x86 arch:x86

b2ae2b4814c6bae89f1f46ff229c1bed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndDialog

msvcrt

free

winmm

timeGetTime

Sections

.MPRESS1
Size: 71KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE