m4[.]exe | Triage

General

Target

m4.exe
Size

219KB
MD5

96bd9c9aa0e5961c4680caf574207359
SHA1

8745712a052a6783613a883921405b59007d666a
SHA256

771d7b0589b5aee6bfac3070ef3fb11f2ad13daa5c3649051875c55d0bb91f52
SHA512

c56f6f76af9c32aacc0197e9e1ce7f2114384483beeef226b6ca761d22dd3488ba2e132bca5c574311bce1af31edc8a3aff31b8c5d52bc797883b25b88224bd8
SSDEEP

3072:v7gmmUEtlGSDZa71bxqzENcAipuctfxaNeyTXAQfHqzE1ZI4pB2eyM1LJULtMqxt:T8XjZaJBNc7uckeGXAQfi4S43ZJan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
m4.exe

Files

m4.exe
.exe windows:4 windows x86 arch:x86

276e90e7228fb4d1959ca8084eb8dc09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msys-1.0

__errno
__infinity
__main
__mb_cur_max
_ctype_
_exit
abort
atexit
calloc
close
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
dup2
execve
exit
fclose
fcntl
fdopen
fflush
fileno
fopen
fork
fprintf
fputc
fputs
fread
free
frexp
fseek
fstat
ftell
fwrite
getc
getdtablesize
getenv
getgid
getpid
gettimeofday
getuid
isnan
kill
ldexp
localeconv
lseek
lstat
malloc
mbtowc
memchr
memcpy
memmove
memset
mkdir
mkstemp
open
pipe
pow
printf
putc
puts
qsort
raise
realloc
rename
rmdir
sched_setparam
sched_setscheduler
setbuf
setegid
seteuid
setpgid
sigaction
sigaddset
sigemptyset
sigismember
signal
sigprocmask
snprintf
sprintf
stat
strcasecmp
strcat
strchr
strcmp
strerror
strlen
strncmp
strrchr
strtol
ungetc
unlink
vfork
vfprintf
vprintf
vsnprintf
waitpid
wcslen
wctomb
write

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

276e90e7228fb4d1959ca8084eb8dc09

Headers

File Characteristics

Imports

msys-1.0

kernel32

Sections

.text Size: 196KB - Virtual size: 195KB

.data Size: 19KB - Virtual size: 19KB

.data_cy Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 196KB - Virtual size: 195KB

.data
Size: 19KB - Virtual size: 19KB

.data_cy
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB