leet-cheats-freeware[.]vmp[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

leet-cheats-freeware.vmp.exe
Size

6.6MB
MD5

13950d86cb3748b2a1f535eaace1a3d6
SHA1

9b1634057a11119ed38d1574bc2db160084cefd3
SHA256

10328d771df10ba9f20ff5a65046d559bdf35d36855bba0af909febaee9e53a9
SHA512

6ee06e0576d571f9e2fedbe904ecfab5a83b2fd8adc28d469ab08c728610eab215b8c6946feab8f4e33510978e879c66618225f23c4c3b6dff66b96147fd0964
SSDEEP

196608:lHi7E7LsX2GHY282Nhg5f4X6JiqO5ftIEDaajLeaK/m:lH74mGHQ2NmV4qJDO5ftYH/m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
leet-cheats-freeware.vmp.exe

Files

leet-cheats-freeware.vmp.exe
.exe windows:6 windows x64 arch:x64

4aa6ed91510da0d5b48f2d32edf60423

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WaitForSingleObject

shell32

ShellExecuteW

Sections

.text
Size: - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l#g
Size: - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.O4I
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Myc
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ