Static task: static1
Behavioral task: behavioral1
Sample: bVgTWXdrPYU3koGG.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: bVgTWXdrPYU3koGG.exe
Resource: win10v2004-20240802-en
General
Target: bVgTWXdrPYU3koGG.exe
Size: 3.2MB
MD5: 32769a330983cda9d74ef787280df466
SHA1: 1936767a811cf1ceef77e4f7fbbf55a3d49430ec
SHA256: e058e2ca06f0c8ca6cd589882ac97499cc7f0d10ef716a796584cd0fb9db54c3
SHA512: ad601f4011caca323ded5371662adfc14be76f837c4a19407ea4c98cf2eeabdb0ddd1e764c8d2973dd17192c93f58bb59af21fecfc58848d9b8a819dd3ae360b
SSDEEP: 49152:xUrBFnJU70Q3KChUYqSCMzVyH+hmpZT9Oc+CPnpTbgyVtUflsTqzsnExZqLF/h00:U3C7fLCMpi+aNX+AUflsTcpxZqL5hY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bVgTWXdrPYU3koGG.exe
Files
bVgTWXdrPYU3koGG.exe.exe windows:6 windows x64 arch:x64
baa93d47220682c04d92f7797d9224ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 920KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wxotpmax Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wybwzvzi Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 66KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ