smss[.]exe | Triage

Resubmissions

23/01/2024, 09:35

240123-lkmtxahha7 3

Sharing

Copy URL Twitter E-mail

General

Target

smss.exe
Size

142KB
MD5

bd70dbb046f0d42624701d38e3a40ffb
SHA1

e238277b10d76e059538de692ae225495f880e3f
SHA256

5a325eef57abc4d3756150fd0ccb4163f19097eb8076fe94b18e73556390e6b7
SHA512

f57c8dadba1a6382e32f7b0928e09c91f18b63e2e27a4722ca2a90bc9be91dd85f94e77c86743eb3dffa79ab0488c84a627c1a47da5b6319636aa4e0c1576108
SSDEEP

768:gXrN0+he1NK5dKxpLVS7IzsnHfkUeXSMy0870YHvBb7JhAi/Ax+558OL25dPlUHi:lV1NK52iHfeS/DXvB4M8W6UOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
smss.exe

Files

smss.exe
.sys windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ