Anti root premium V1[.]4[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Anti root premium V1.4.exe
Size

384KB
MD5

03c0679e99dfd12f5ab5d3ff7a270936
SHA1

8cce87c473a4021906af809a9aa537e42994d144
SHA256

1adebf7411d7817000d4d63529c93ec316e9bb2a56457352af631fd408e07e51
SHA512

53ad70baceef162d62fa3d22adabe77c42011c34013313c55aad7bfaf82fb0b7b89859a6e6d9994920ade2f8a2a6703c88ae5bc3f6efc5523e11490a88b1f95d
SSDEEP

6144:Sb+j85hGi72HIoeU38hy9bsXYQRV1lZ39dXF0vNrPWqyyo/GwUtm5r0HfrBqI:WbkIk3CXY0IpPWJr/GwUtmr0HfrBqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Anti root premium V1.4.exe

Files

Anti root premium V1.4.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

7HVkU.,z
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7HVkU.,z
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d60e11fd
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ