Update_0313Wed202453807289741_c[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Update_0313Wed202453807289741_c.exe
Size

7KB
MD5

262dffa0bbe343e13eeac4509bb45b69
SHA1

e5e18cb285c63aeabcb4681a50e4d8f843c00665
SHA256

3f60bc6b0fa83a526c8ddcaf1473609aca6d5709efd5f4673b1c12e3373ba2ab
SHA512

c3587f1802cfcb4ec86cd31d121bd17b5e9b99441d7e319d12bd774af68f974a09e1cd9c5ff8f52f66236dd7c703f903f6d04a843eec8c8f67dc7dfbb2896e42
SSDEEP

96:Oj1zJEj8OGrkIgyOr34MVHq6jfMWUfiNWUfiPSfeqoFCRKC7tSc:mzCJp3cyJWPWMFCRL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Update_0313Wed202453807289741_c.exe

Files

Update_0313Wed202453807289741_c.exe
.exe windows:4 windows x64 arch:x64

415061dcb45d57cbbe4d5966633333e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fopen
fseek
ftell
fclose
malloc
fread
free
__iob_func
fprintf
memset
strstr
_strdup
_controlfp
__set_app_type
__argc
__argv
_environ
__getmainargs
exit

kernel32

ExitProcess
AddVectoredExceptionHandler
GetModuleFileNameW
SetCurrentDirectoryW
GetStartupInfoA
GetCommandLineA
GetModuleHandleA

libtcc

tcc_new
tcc_set_lib_path
tcc_add_include_path
tcc_add_library_path
tcc_set_output_type
tcc_define_symbol
tcc_compile_string
tcc_add_symbol
tcc_relocate
tcc_get_symbol
tcc_delete

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ