3c90fd48913c4ce6f4635e4125c26ac0_console[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c90fd48913c4ce6f4635e4125c26ac0_console.exe
Size

5KB
MD5

3c90fd48913c4ce6f4635e4125c26ac0
SHA1

40225b4a4fe720eb3e49dcb9e8ae237f99913f62
SHA256

234ccad0a899d04c72f8ca8aad325945a68e2f963adc37c3bbb04a93fe5061e5
SHA512

360f888c391847cb051bab3113bb7ea1d6b6e0e456208cccbc8927888ad78757a4b6505414166d11272ceaa58ed25c8af9e0674ef2fbe6fc9b2a00250ee79207
SSDEEP

96:YXtHQX5J1Vuq9TAQBbd01aTrHQ7o7LorlAoe:YhQXzztf9d01hUforl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c90fd48913c4ce6f4635e4125c26ac0_console.exe

Files

3c90fd48913c4ce6f4635e4125c26ac0_console.exe
.exe windows:4 windows x64

91a3696eb64f739d83dc0a7119e85ec5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpSvcGetUptime
SnmpUtilVarBindFree
SnmpUtilOidNCmp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ