msgcomm[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

msgcomm.exe
Size

36KB
MD5

9efb1ec480dac5094bd77bfc6eef04f2
SHA1

13ff268f6393c22238bfd593983f51c0ab60981d
SHA256

2b72118f0120b5ddabd3ea0a11c568ff5c6fd5618f16330b0ebd3a9c9435d7f8
SHA512

7966d2408527d27bad69e2e9f5d442cdf3c9855b2c6bce5e0ee39b62807a49836420fd3bd4b3e3340b5cc0147f28d155016e4699ca38b94d360e6a4c7223ff64
SSDEEP

384:MwMM/SrrgjisPgsaCXcD4aFY7ZyK70m8e+kgpMuActu9ko7z2nYoNIu7:qXr83YsaV8aFMZyK70m+f4kos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
msgcomm.exe

Files

msgcomm.exe
.exe windows:4 windows x86

52b4581b9de5befc86c01f486d638d70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cyggettextsrc-0-14-1

allow_duplicates
catenate_msgdomain_list
dir_list_append
input_syntax
less_than
line_comment
message_page_width_ignore
message_page_width_set
message_print_style_escape
message_print_style_indent
message_print_style_uniforum
message_print_syntax_properties
message_print_syntax_stringtable
more_than
msgcomm_mode
msgdomain_list_print
msgdomain_list_sort_by_filepos
msgdomain_list_sort_by_msgid
omit_header
read_names_from_file
string_list_alloc
string_list_append_unique
string_list_free
use_first
line_comment
line_comment
line_comment
line_comment
use_first
more_than
more_than
more_than
more_than
more_than
less_than
less_than
less_than
less_than
less_than
less_than
input_syntax
omit_header
allow_duplicates
msgcomm_mode

cygwin1

__getreent
__main
abort
atexit
calloc
cygwin_internal
dll_crt0__FP11per_process
exit
fprintf
fputs
free
getenv
malloc
printf
pthread_atfork
putchar
realloc
setlocale
strlen
strncmp
strtol

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleHandleA

cygintl-3

libintl_bindtextdomain
libintl_gettext
libintl_textdomain

cyggettextlib-0-14-1

close_stdout
error
error_print_progname
gnu_basename
maybe_print_progname
program_name
set_program_name
error_print_progname
program_name
program_name
program_name

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52b4581b9de5befc86c01f486d638d70

Headers

File Characteristics

Imports

cyggettextsrc-0-14-1

cygwin1

kernel32

cygintl-3

cyggettextlib-0-14-1

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 32B

.bss Size: - Virtual size: 272B

.idata Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 32B

.bss
Size: - Virtual size: 272B

.idata
Size: 3KB - Virtual size: 2KB