SetGamma[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SetGamma.exe
Size

6KB
MD5

af929cf77996742f6f27e3157084b675
SHA1

774b3d65c4cc6a7e53093ca274b522410f8db39a
SHA256

bfbae4efb26bf8255c5d24d8b3df688c300e196a467a5f29779705ded20cf196
SHA512

36d16f2c3f1352e2dbafcc42bb6a22af66ad951d9371e965b9413c6424fc140e767f372bdcbb36846bd72a27bb27b61034c8ed87a301d934c4e39a9bbffcc214
SSDEEP

96:KCBgbBPpTlhpWX/huETaFQekBPH7EBmkJln/Xh0kU+YP0L:KCBgbBPpTlhpWX/huEHe8H7s9n/R0kUh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SetGamma.exe

Files

SetGamma.exe
.exe windows:4 windows x86

a77ac496b3f0b3bd028868c14ca7e377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexA
LoadLibraryA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
GetProcAddress

user32

GetMessageA
MessageBoxA
GetDC
ReleaseDC
FindWindowA
SendMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
DestroyWindow
DispatchMessageA
DefWindowProcA
PostQuitMessage

gdi32

SetDeviceGammaRamp

msvcrt

atoi
_XcptFilter
exit
_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_ftol
_CIpow
__setusermatherr
__getmainargs
_acmdln
_initterm

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ