AVM[.]exe | Triage

Sharing

General

Target

AVM.exe
Size

17.6MB
MD5

16909c01a607db89f0801de5cd5968aa
SHA1

fe67795708fd84d5c9aaf18dee1ac30b5f47535f
SHA256

f3a7edc1f2b80c74ad1c589d08bd5f15081c2f4a4d102c6c4914ed7bc963bf38
SHA512

e9705b37c6ad70fea36e605afd35355afddfb45d87cb0df957a8a0b39835784f2bdafa3cbd0ed4d1e798a83afe0a32d7aea1c2cb16278913e324d8181a49d45f
SSDEEP

393216:ua3bvrcZt9smCJR0MTIByV9ovxlcvlbGDh9ZY5IQRBQtqEIzV2QABE:7JGMoZxWGh9ZYfkRIzVBAe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AVM.exe

Files

AVM.exe
.exe windows:6 windows x64 arch:x64

7070ceef3492d71ec92384f00f0bd050

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegOpenKeyExA

kernel32

GetModuleHandleA

shell32

SHGetDiskFreeSpaceA

user32

CreateMenu

Sections

.pdata
Size: - Virtual size: 37.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pexe
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pexe
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE