UNITY-VIP[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UNITY-VIP.exe
Size

6.8MB
MD5

3a7d443af6345cf24fefbe9d213e6dde
SHA1

706662ee9fa5a0e00a073744d678982878d32907
SHA256

646ce300d645388f184d72727c677cb6a28498322c3f3dfe4edfbbeb4d5c569c
SHA512

33fb2afc9eceebf41432e441f6aeae1a0c123d1756511f85f7a0958494dbcf89bf0f56c7e3fe2b6a6fe8bf1694d9032fbaa0c04f338b0514b55bc66bea3de874
SSDEEP

98304:TcwXWCwAttgXdS4+B+OptuHzq2oT+Qmlmm5X03EDVg1:TckWA0XdSkOptYU7mN0u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
UNITY-VIP.exe

Files

UNITY-VIP.exe
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 3.8MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hovojmfq
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mcbwchca
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE