AppGate2103v01[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AppGate2103v01.exe
Size

4.2MB
MD5

3953bbad77cdcb9d5af2694eed7e6688
SHA1

f965b69eb36d1fbdfb7dfa8c26ba959f395b3223
SHA256

62206e7cb02b4fe03c535aa4daaecfa46b42dbd28a756471e50784b7622cecaf
SHA512

94a5033ede92683e063829c5a8f2d720c919d1320bf4db18cc9a2e2a69387530b4afacc73cf987695a01c09acba1169eea77a0ff269b41698147cd64e64a7d38
SSDEEP

98304:e58vmrQB/A24LDjFO07zDJHBSswWbdIM9F4AoP829ni+tiCCb:e5IB/A241ttEkIO4AoU2ZvnCb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AppGate2103v01.exe

Files

AppGate2103v01.exe
.exe windows:6 windows x64 arch:x64

dde04a4a91a59ef24083f245b804ae7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetCursorPos

advapi32

RegCloseKey

shell32

SHGetFolderPathA

ole32

CoCreateInstance

oleaut32

VariantClear

Sections

.MPRESS1
Size: 4.1MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE