SFA[.]EXE | Triage

Sharing

General

Target

SFA.EXE
Size

2.8MB
MD5

96c4a9d5233ece2153726e38b14e8297
SHA1

4d3940d6c29e64f769c6401b6b150c3823bd3950
SHA256

6837d66b26892a077fa147a518ec3760361e3ca4e980f1977cf6d8d7cc74a584
SHA512

d0cbe2a51361c1b90aadad771a604b01b987421d2823b5f359d85ed9b440fca0bdfbc0ef4c6c635e6ace69dc12e4e557a78824ece3824d5386f13e7de8a91b03
SSDEEP

49152:BCLhR4htMzzVQ7UrolkD2+ubS0XnMH6VhkYgaKyI1fLgFc2M7vdKhU2zCdz:BIhRuczS7Ua+SSLL3Tg22qK2WCdz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SFA.EXE

Files

SFA.EXE
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE