SIGMA-FFFFFF[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SIGMA-FFFFFF.exe
Size

631KB
MD5

3c213d1520d9ba83c8480e95b8df8c16
SHA1

5718e5999f4f2bea725f3a8a8d74da8e4bc9439f
SHA256

348c7f218517a8246a61ec7ff3f92dd5ebe4ca0e0ff3faee415e78e6e978d02d
SHA512

920254c19520a3baa4235d12bed0750c2bfc982e108a17c40756b31c7a003cc7b7e49da325af8747e70e3df3e6b463ebb7bd44c4eb708859655c2f005fd4a37d
SSDEEP

12288:kOHSpUAt0ybIZQRwSWRaYBfwolFMiqkZHWL58WbUF6QPQJ:kBpUwsPbLBfwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SIGMA-FFFFFF.exe

Files

SIGMA-FFFFFF.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BOSSMAN
Size: - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BOSSMAN
Size: 629KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ