2024-10-14_c85fc691d7354f8ec8071ccd362ca655_anydesk_mafia_revil | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-14_c85fc691d7354f8ec8071ccd362ca655_anydesk_mafia_revil
Size

11.2MB
MD5

c85fc691d7354f8ec8071ccd362ca655
SHA1

3bc4d4314b50532a3572e32515d0a2a4af804626
SHA256

da88d1d9f0bd51cb453ca262dca7a3792c6ae95472b941084575fc00d546210e
SHA512

ea555ed792550a419cbbb24a5c62b23918b7d7086a14bad3045956c4745cc4b19aa8e04f5a2fdf407ecee07a23a73bd62e10421f742dca59591a6d04aad317cc
SSDEEP

196608:/lZBRFwSkEJQTp+2bbABX3Xq+IUYD1aovSKvzHRcUCucc+0H/3vy4+DEJ96:/FrQTp+2bbABX3Xq+IUYD1ayT2Hv4okU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-14_c85fc691d7354f8ec8071ccd362ca655_anydesk_mafia_revil

Files

2024-10-14_c85fc691d7354f8ec8071ccd362ca655_anydesk_mafia_revil
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 8.4MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.7MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.custom
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_MEM_READ