file2cms[.]cms | Triage

Sharing

General

Target

file2cms.cms
Size

1.3MB
MD5

7a8ff582c7e91af4c10019b82ada67b4
SHA1

e2f42f1520058593d93e5378760724f918705b04
SHA256

b35e23599a0c1f88bc04a1a656aa158fda2fc46750d810bfe6801f96cdbec0fa
SHA512

1087afe7168c66e10858e88004d213fa7286cae22b538324045595e637739938ef47273ccc8efda83e84f115d2800b121b18d3ca9241b9f04b386d887b301018
SSDEEP

12288:k63GNTFtSCQ8NLaVhGqEdxtsvoxR6polnJeGek1XAmb/VVyor5M1ITUHAS/JaNq8:dRQZrx1iKn27A0TqD4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

file2cms.cms

Files

file2cms.cms
.dll windows x64

f4e7bb43f5590a96950cc8800ef7c885

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WaitForMultipleObjects
GetLastError
GetProcessHeap
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection

Exports

Exports

A4SHyewr
ASeHtqwe
AShyqwDS
DhFuwea
HgjueJDuw
KHDwerw
PlshjtnbMdivesgd
SgwEkis
YbrdocpewqhdTpyoxecs
asd3DGF
er7Hssa
fairly
gigi
handdaily
part
qsadew
rewoo
saHfyw

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE