AVM 5[.]4[.]1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AVM 5.4.1.exe
Size

22.1MB
MD5

1634bf6506918bc93785e21449e11f8a
SHA1

1e6f685de40853d2a35d1d8d7c5f3739dd7a1180
SHA256

c3eddfd73a16eb8145c9dc39939459767530ec1662e8c9f340df23439257d036
SHA512

d3ee89dc21807f72703ecd1daf29b67eecde8d0a8f3a2b3c270c05da056ce9f22670c88adb6f9e3f530e98812ad84d6cf23428bd4c0222e4dff072303081b7b5
SSDEEP

393216:aZgzqipPwYaY7x3IAHbiiZ/GYwnDhYwVshhDusJr1jQ:aZgOipPwYaY7mAJ/GYwnLVshdusxZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AVM 5.4.1.exe

Files

AVM 5.4.1.exe
.exe windows:6 windows x64 arch:x64

1756aafff9c2943035c6e049f2afa27b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueW

kernel32

GetModuleHandleA

shell32

SHGetDiskFreeSpaceA

user32

OffsetRect

Sections

.data
Size: - Virtual size: 55.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pexe
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pexe
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE