85aeb0eca144912f0713ac4e8392e2645a91bb4ba8e2ffa55e5bf834665170af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85aeb0eca144912f0713ac4e8392e2645a91bb4ba8e2ffa55e5bf834665170af
Size

2.5MB
MD5

749cb9cb3ce89a03fdd97a9aaf96e895
SHA1

73ecd478ace66e1dfb7aeed8ed061af48214a46f
SHA256

85aeb0eca144912f0713ac4e8392e2645a91bb4ba8e2ffa55e5bf834665170af
SHA512

ac0afac898ab53a3277b4d1aef90af246ca8596872a6a61bbf47817c1ea038fc4394094a4d14d2cc0aa94aeaf1435f9ccc7cf7143010ff581fd4256dc653bd31
SSDEEP

49152:HeQrvEMM5sf8FaVtKGzTNxpAdLn/XlIHSSzYAO:HjvEL4V9zjpQ/1EYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85aeb0eca144912f0713ac4e8392e2645a91bb4ba8e2ffa55e5bf834665170af

Files

85aeb0eca144912f0713ac4e8392e2645a91bb4ba8e2ffa55e5bf834665170af
.exe windows:6 windows x64 arch:x64

dde04a4a91a59ef24083f245b804ae7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetCursorPos

advapi32

RegCloseKey

shell32

SHGetFolderPathA

ole32

CoCreateInstance

oleaut32

VariantClear

Sections

.MPRESS1
Size: 2.4MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE