challange_Benign_75f86b109fe7148c403943529d916b079193714a0b8a7e2f884ec6eb5a84b4b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

challange_Benign_75f86b109fe7148c403943529d916b079193714a0b8a7e2f884ec6eb5a84b4b0.exe
Size

7KB
MD5

987b22ae98582af5a50f9c08ae63bbc4
SHA1

511d61210e7d4321d358443c407c4a7b6147174b
SHA256

75f86b109fe7148c403943529d916b079193714a0b8a7e2f884ec6eb5a84b4b0
SHA512

e606940c22a3aa75b6b9a8bea575115a145cc0cb5ae9d01657f4cdbe6278aa6d9a699e814e76c3af30030efefd89aeda256436785728cd9d71f813c2cd65943c
SSDEEP

96:bZ1zJEj8OGrkIgyOr34MVHqGjKMWUfiNWUfiPSfeqoFCRKC7tSc:fzCJp3cyCWPWMFCRL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
challange_Benign_75f86b109fe7148c403943529d916b079193714a0b8a7e2f884ec6eb5a84b4b0.exe

Files

challange_Benign_75f86b109fe7148c403943529d916b079193714a0b8a7e2f884ec6eb5a84b4b0.exe
.exe windows x64

415061dcb45d57cbbe4d5966633333e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fopen
fseek
ftell
fclose
malloc
fread
free
__iob_func
fprintf
memset
strstr
_strdup
_controlfp
__set_app_type
__argc
__argv
_environ
__getmainargs
exit

kernel32

ExitProcess
AddVectoredExceptionHandler
GetModuleFileNameW
SetCurrentDirectoryW
GetStartupInfoA
GetCommandLineA
GetModuleHandleA

libtcc

tcc_new
tcc_set_lib_path
tcc_add_include_path
tcc_add_library_path
tcc_set_output_type
tcc_define_symbol
tcc_compile_string
tcc_add_symbol
tcc_relocate
tcc_get_symbol
tcc_delete

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ