sussy[.]exe | Triage

General

Target

sussy.exe
Size

8KB
MD5

d7faf38a447ca4b9346bf00321552a08
SHA1

8595311718dd54609c2e8d1cc3813fbcc67b2f14
SHA256

646283bc6c490a1f64b2098d53476f3be4dcc3b8f4a8a73adfd8ad2822252069
SHA512

67f288c25a769bb2a71f4ddbdd5ec2c9bb323835b1addad1792b145a49fc205a050704909acf1a20c17f5bd7f162558ae6a67a6cc202670a79902324defd2fd1
SSDEEP

96:Jn1YB7VCO68G7LDRAODwziInqY4KK21U61PWybAHhd41dEQwQAOJkiLvvqKqW:JivVG7Hy2XWLZkBd41+QrAO9qXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sussy.exe

Files

sussy.exe
.exe windows x86

c2b3f46252da39124a8416f482c06c96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer

user32

PostQuitMessage
DestroyWindow
GetMessageA
KillTimer
TranslateMessage
CreateWindowExA
DefWindowProcA
DispatchMessageA
LoadCursorA
RegisterClassA
SetTimer

msvcr120

__setusermatherr
_except_handler4_common
_controlfp_s
_invoke_watson
free
malloc
system
printf
fopen
fread
ftell
puts
fseek
fclose
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_XcptFilter
_amsg_exit
__getmainargs
_onexit
exit
_exit
_cexit
_configthreadlocale
__set_app_type
_initterm_e
_initterm
__initenv
_fmode
_commode
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_crt
__dllonexit

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2b3f46252da39124a8416f482c06c96

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr120

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 944B

.reloc Size: 1024B - Virtual size: 540B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 944B

.reloc
Size: 1024B - Virtual size: 540B