artic[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

artic.exe
Size

443KB
MD5

c617d2f63b1050f0b1d8ec5780914f21
SHA1

bb05a19135bbba965d45dcdcb1e8b2b220e7220a
SHA256

c20c5310966bef41a0ae5ee8859f8bffd42d33e932a90a849a908a23b3afd90a
SHA512

edbc4c197c1a5816b01c3ddbf95e18b90413afb20bc7ad258f20a37f4a4ad58016891c3497d308f7d0b424ef9a1f0fc4dc76d0295042da17dd3c7631e46f8022
SSDEEP

6144:72jS27ADyZH+jA/0IdlndRtbXzvgTSQG8Ag1++h7HJ2vm3M+JxGMETAe1KV7o:72jL+Sl/BzTQG8AgFJ2WDULfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
artic.exe

Files

artic.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.+st
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.8`S
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ