General

  • Target

    Spire_KeyGen.exe

  • Size

    1.5MB

  • MD5

    5c9f3adbba5308f6a68c3193e323bed4

  • SHA1

    d5635b0f7fe8aa38318017c6ee456d479edd6086

  • SHA256

    2a4130b0fbb1f1537f9fc94c3ede8bd29d883402d6a2b237cf3e1b9e41b789cc

  • SHA512

    7176cfec2edb9e044faa461a52ffcca9c950bcd23da4a970f7dc8c7b3725d5ea57605111de224972c71023ef0b240a036de2b42798efda7d75dbddd8ef5f27e7

  • SSDEEP

    24576:XYkcL5MqgxAVDas0/dQ3PAhRPmiolCRdvQKVUbWvkv5SyrH9rMaILM4Ro5rlA5Eo:okA5JslUAm/lCRTvkvlHxqfF8tEuE

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • Spire_KeyGen.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • $TEMP/BASSMOD.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $TEMP/R2RSPRKG2.dll
    .dll windows:6 windows x86 arch:x86

    3c3d89b6ecffce16ed7709fa70cf7715


    Headers

    Imports

    Exports

    Sections

  • $TEMP/bgm.xm
  • $TEMP/keygen.exe
    .exe windows:4 windows x86 arch:x86

    61baf0ac33a569be37eaea52c317de1e


    Headers

    Imports

    Sections