msysmnt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

msysmnt.exe
Size

1.3MB
MD5

42f02b4c4c6925ff61eb3ba8534e2834
SHA1

89e7d95e948c2972a81e3302f5d8b90d8baccabb
SHA256

82665b6da682727e00c5fa65cb27839f35cfeed575c2bdfb3286300bb2330764
SHA512

240ab848245a8bf3c9c9f7d4316d3c246a1e982a2bdd5771b8218c3664e4db4977a6b0be236dd1fa8d4c4b88ecc22a378ec3756c223e2411da80805e5d6a6ced
SSDEEP

12288:37VeOrPVBo9nNZ9Q3rxBTRoJvCImgIUKvOOzFFHDViStfHP89szjqBVT9VNA95sT:37V/8wfHPly65sdYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
msysmnt.exe

Files

msysmnt.exe
.exe windows:4 windows x86 arch:x86

130b9329c84bd0f24402ddb03bcc15ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msys-1.0

__errno
__main
abort
calloc
cygwin_conv_to_posix_path
cygwin_conv_to_win32_path
cygwin_internal
dll_crt0__FP11per_process
endmntent
exit
fprintf
free
getmntent
malloc
memcpy
mount
printf
puts
realloc
setmntent
stat
strcmp
strerror
strlen
strncmp
strrchr
strstr
vsnprintf

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_cy
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 152B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ