NerestPC changer fix[.]exe | Triage

Resubmissions

02/08/2024, 17:39

240802-v8fvyataqq 10

Sharing

Copy URL Twitter E-mail

General

Target

NerestPC changer fix.exe
Size

5.5MB
MD5

9c017d59ef6597cb0ffcc0dbac9cc13e
SHA1

f30ac3ad355210c7f3ed2c2a66a76bca70a69424
SHA256

3cb2a13fce2811ec3dd19354d7b9480c085860db5665f1c1300261e395655894
SHA512

3ad9e4a58f62b9e456346f8e8c40068f6db1fa31c13574f97a0720d29c04a3516ce55d8802f86f535fc94168d5597026811ea57eeee0efd1214a4b14996c8139
SSDEEP

98304:jPn8dhRfFBytu8LpCpfHLWUyK/y60DztPwFDHNtz18en5GsywyQ1EbHDsbTGuWaw:jPn8dGtH1ePLWU/660DzNINX5DyzWEcG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NerestPC changer fix.exe

Files

NerestPC changer fix.exe
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ