Fatal[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Fatal.exe
Size

3.4MB
MD5

83fd1d93ec7530923169a138608ba943
SHA1

f6465ed0391715d946d7d00be2f3aaaa3b595060
SHA256

4e85c83714ec55f7af4153e6f5eefb3c4b8a6254dbdaaade7ddd70db63a82c30
SHA512

536ec0edfd9e6a59898f66b93834c57a0ee5f7138c312bf35d9029d493a4a4e31da77927f6fe7c3e68a1c9874e9beaf0bc648d0616b6899744a439e84976b16f
SSDEEP

98304:ca2K2VY8FY2eUgpQfqR3Ym5daZdjObRPkqXf0Fp:ca2KHrwqR3YmOZdgkSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Fatal.exe

Files

Fatal.exe
.exe windows:4 windows x64 arch:x64

Password: Fatal

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tunde0
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tunde1
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ