Static task: static1

Behavioral task: behavioral1
Sample: sum.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: sum.exe
Resource: win10v2004-20240508-en
General
Target: sum.exe
Size: 31KB
MD5: c9123ba8fffba3b7b63fb5c1407b5c6c
SHA1: 9e1d1aa78ae1fcd78fc1dce9d612eb51a4755d32
SHA256: a319f803df3deb0a7b24989f5957d6433d1d289b757bcf2de1b229e927a2ac3e
SHA512: 3fb0d22fd1fe1b08558404c9490b731625f49289899fb67b7cda10e58d92fe84db16b7e6c6238b3650b3c18fcb350073a640ba8793f4bb28525e74ea86c483fc
SSDEEP: 768:ZXfsvPi+HIFJzXz4E4mWQXc1c7wqweNOOPhyqVx:Ua+HsD4AW8wcO
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: sum.exe
Files
sum.exe.exe windows:4 windows x86 arch:x86
ab376c814902439ec88e0ab6d950ab1f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msys-1.0
__assert
__errno
__main
_ctype_
_read
abort
atexit
calloc
close
cygwin_conv_to_posix_path
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fopen
fputs
free
getc
getenv
localeconv
malloc
memcpy
memmove
memset
open
putc
realloc
setlocale
strchr
strcmp
strerror
strlen
strncmp
vsnprintf
msys-intl-8
__printf__
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_sprintf
libintl_textdomain
libintl_vfprintf
kernel32
GetModuleFileNameA
GetModuleHandleA
GetStdHandle
VirtualProtect
VirtualQuery
WriteFile
Sections
.text Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data_cy Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 556B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE