ComSvcConfig-tampremoved[.]exe | Triage

Resubmissions

12/05/2023, 06:47

230512-hj7k5sed5v 3

12/05/2023, 06:47

230512-hj7k5sed5t 3

12/05/2023, 06:37

230512-hdg4ased2w 3

Sharing

Copy URL Twitter E-mail

General

Target

ComSvcConfig-tampremoved.exe
Size

3.0MB
MD5

3d323f8bcbb82be732ace465ffe91a34
SHA1

f8808d124e79238871ab1f5fa5953626dd897fee
SHA256

fb6bf0163ae091c886c0bd3687db9fda582197970418d1f079e84a783a20e48a
SHA512

a30dd8b315dda21d012c93f9d2c4f7b2d097574b54d84dfd9ffe6da57536ddfd9916c735e2c4c0a3dcbc25a739ce01c089222d152591bbda8b25ba5d14d5850c
SSDEEP

49152:uST47923ZWzJfCk5t5e2a+aZAwYvZqQMy64gXRgvWRqBbd808a1iH9+hn:uST479KIht9uAwszmXRKWRG2agd+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ComSvcConfig-tampremoved.exe

Files

ComSvcConfig-tampremoved.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.0MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ