gate3[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

gate3.exe
Size

4.8MB
MD5

f168154ca30dbb495c17371137229ae9
SHA1

e45a78bcfe3cf169992affd2a208e10c8b8cfd6c
SHA256

322816639967861f9e4df4debbe8ada63ecc8c22200bb4a956875d7a7dcd65f1
SHA512

24d65bdaa586d315e161a7a254433bcc63b5e9b2f094a71afbb6bf5d8d9383f409111797a023fc1367eac9a0a308b923d102e638a48d48c82b4ba66963082e10
SSDEEP

98304:fx4Kus/VNYO1tdHTGtZq1ubjw7L7n9G6Z5Hpszu97t:fxMO1tdHTGOEybF7pszu97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gate3.exe

Files

gate3.exe
.exe windows:6 windows x64

46afc61b34fb8e20ac7399f0df86ba31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

InitializeCriticalSectionEx
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance

Sections

.text
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp®0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp®1
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp®2
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 380KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46afc61b34fb8e20ac7399f0df86ba31

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: - Virtual size: 3.1MB

.rdata Size: - Virtual size: 240KB

.data Size: - Virtual size: 73KB

.pdata Size: - Virtual size: 85KB

_RDATA Size: - Virtual size: 252B

.vmp®0 Size: - Virtual size: 2.0MB

.vmp®1 Size: 3KB - Virtual size: 3KB

.vmp®2 Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 5KB - Virtual size: 5KB

.rsrc Size: 380KB - Virtual size: 385KB

.text
Size: - Virtual size: 3.1MB

.rdata
Size: - Virtual size: 240KB

.data
Size: - Virtual size: 73KB

.pdata
Size: - Virtual size: 85KB

_RDATA
Size: - Virtual size: 252B

.vmp®0
Size: - Virtual size: 2.0MB

.vmp®1
Size: 3KB - Virtual size: 3KB

.vmp®2
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 380KB - Virtual size: 385KB