w3crypt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

w3crypt.exe
Size

120KB
MD5

3e7591082b36244767c1b5393a44f846
SHA1

ed247b58c0680b7c92632209181733e92f1b0721
SHA256

08029396eb9aef9b413582d103b070c3f422e2b56e1326fe318bef60bdc382ed
SHA512

16b3665d7302b9a36bc77476a6e8b901c2707c8a145ef7f5e056267ed61dedfe29adda4081f26fcffd4a6ca7ebb9a8c6c63dac9285934b58f18225a58799f170
SSDEEP

3072:+VoCB38uhynTEpVIYbQf91G3im/2Ef07JysggXl9zIgTdTRHpDyfZV+DnTyITOcs:tTEpVSrRDz52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
w3crypt.exe

Files

w3crypt.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ