sg_flash_id[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sg_flash_id.exe
Size

64KB
MD5

2cf8055e9e9dfc679fe4cf7c89fff56c
SHA1

dd9169a40ba4fd20cf750225ce283a3646438692
SHA256

2f4868576ac7b74ceb384e6bc8d6d6086ab93c923835f72fd13465a54e36a907
SHA512

bdfa2ef4f5e60ba52a953e261b177303761c8bfd29adce78323ac97e8e4bad3b0e3b563c0a55f660a3ea533804bbc2c677a0dab0d2a6581749766a4d14b1bf89
SSDEEP

768:n1lCNPe7UihEG5swEGiOTE4vUqYGzUgZUy7pkMBuZKUymPgpLKfa65gjqJRWH:fqm7FUUrqy72+uiLKDgjaRWH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sg_flash_id.exe

Files

sg_flash_id.exe
.exe windows x86

a10e8dc25e67ea0c8e1ec1405dd0a901

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

GetCPInfo
GetNumberOfConsoleInputEvents
GetLastError
CreateFileA
GetVersionExA
VirtualFree
VirtualAlloc
CloseHandle
DeviceIoControl
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
HeapFree
WriteFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
RtlUnwind
SetFilePointer
HeapAlloc
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
LoadLibraryA
LCMapStringA
LCMapStringW
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ