55265d5e894a38eb42af98a92b393cec_vabushky_JC[.]exe | Triage

Resubmissions

20-07-2024 07:23

240720-h7rvlawaqe 3

20-08-2023 11:42

230820-nvbwhagh3x 7

Sharing

General

Target

55265d5e894a38eb42af98a92b393cec_vabushky_JC.exe
Size

54KB
MD5

55265d5e894a38eb42af98a92b393cec
SHA1

098a7b43017b7c87e27a679bf5c23f136e1876e9
SHA256

cff638bb678402d0843f86ac269a81da45cd1b48c625ab053891e0df75f9e3df
SHA512

5ce34e4a545fb272a47541bdac58bcfce1820a3c91974c2d27523852a463dd7d87b2a7ccedb9a49e1fdcdcf8867e7697c956441dbbb315752d1183988385730d
SSDEEP

768:iGwwi3kNYsGVnyM69cgFeyat3zBGwvnZXUk+EjeOScG3u/fClJM43FrGIgaEPCMd:iGMo36pxZUk+OeOSc/Mn3FrGI1S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55265d5e894a38eb42af98a92b393cec_vabushky_JC.exe

Files

55265d5e894a38eb42af98a92b393cec_vabushky_JC.exe
.exe windows:5 windows x64 arch:x64

27866758e2384000aa4db66838a6893d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ntdll

strcat

shlwapi

StrStrIA

wininet

InternetOpenA

imagehlp

CheckSumMappedFile

version

VerQueryValueA

user32

GetDC

gdi32

EndPath

advapi32

RegOpenKeyA

Exports

Exports

Inject64End
Inject64Normal
Inject64Start
UacInject64End
UacInject64Start

Sections

.MPRESS1
Size: 50KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE