easy_Benign_ffc6ae5855504ace0d9e72fb9dbf75222239e65ae5606ab81390af5797b9516b[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Benign_ffc6ae5855504ace0d9e72fb9dbf75222239e65ae5606ab81390af5797b9516b.exe
Size

8KB
MD5

6380986ac9f1e0689098f5eff2bc2aba
SHA1

4a7afdfb0cc3aa7ef1f3fe2f982ab5da7f19e85c
SHA256

ffc6ae5855504ace0d9e72fb9dbf75222239e65ae5606ab81390af5797b9516b
SHA512

02d19f85d1976771305b3e7b4a9bf40e79aa53c3ebfa5091a492cabbf0185538ebe61482f4dbe2c347f041f6e20e4581aa01280677ff3177d8e8c25f09a01113
SSDEEP

96:ZX1NtXDazuEFl/hvLHNA0QSU6jjSP9q1BMCD9gWRAIkR1bMMEo4:n3XENT/hKMjmPEBMCD9gWRLkffz4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_ffc6ae5855504ace0d9e72fb9dbf75222239e65ae5606ab81390af5797b9516b.exe

Files

easy_Benign_ffc6ae5855504ace0d9e72fb9dbf75222239e65ae5606ab81390af5797b9516b.exe
.exe windows x86

8d791d3feb0c687c8d8698d0c7aac411

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_initterm
_wcsicmp
swprintf
wcslen
wcscpy

advapi32

AccessCheckByType
StartServiceCtrlDispatcherW

kernel32

TerminateProcess
GetVersionExW
LoadLibraryW
GetProcAddress
CreateThread
QueryPerformanceCounter
CloseHandle
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
GetCurrentProcess
SetEvent
OpenEventW
Sleep
ExitProcess
HeapAlloc
OpenProcess
SetLastError

user32

MessageBoxW
wsprintfW

sbiedll

_SbieApi_EnumProcessEx@16
_SbieDll_Hook@12
_SbieApi_QueryConf@20
_SbieApi_QueryProcess@20

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ