MBRLock[.]exe | Triage

Sharing

General

Target

MBRLock.exe
Size

844KB
MD5

7e179d064b2d20b4ea5e6d492abf8f2b
SHA1

443f89939b9cd36a169aa04e15fa0637ec228a93
SHA256

dfc56a704b5e031f3b0d2d0ea1d06f9157758ad950483b44ac4b77d33293cb38
SHA512

5796a854c7722c5658d47d44d3f14f17d864b796981508cb3897e87b4f0ff7bae7a27e6e4c83766b1f66fc6c9c046728c53bc527220c2247e03b8e87108bff17
SSDEEP

12288:axPVLTOnLRrLHO0zKX1AsE7eTZni5Kyt5dh2:a5V/OLRnHFzKFAsTTZiUyt5dh2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MBRLock.exe

Files

MBRLock.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 528KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ