2024-09-19_f0584531c7e28b1f8b3b9cdab6e22faf_crysis_dharma | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-19_f0584531c7e28b1f8b3b9cdab6e22faf_crysis_dharma
Size

92KB
MD5

f0584531c7e28b1f8b3b9cdab6e22faf
SHA1

d6d1628c3154be80499c3d23d981db32438c4028
SHA256

83b294975e094024bdeb90f5cdeb9832304cf6879a27eee5cfe08650e5731674
SHA512

04d23952ade7e5a6ec4b9b79e37dcd39795864852a5a10c7d02359918014cc8f332286a990a30222b230e66d7bd6d9675b0f43d7d3b655954e077d8fa097b056
SSDEEP

1536:tBwl+KXpsqN5vlwWYyhY9S4A3KOO3guHp0caS0nlTjuSHGOVCJyk/:Hw+asqN5aW/hLYb0HXTjuSHGxJy6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_f0584531c7e28b1f8b3b9cdab6e22faf_crysis_dharma

Files

2024-09-19_f0584531c7e28b1f8b3b9cdab6e22faf_crysis_dharma
.exe windows:5 windows

f86dec4a80961955a89e7ed62046cc0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\crysis\Release\PDB\payload.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetLastError
EnterCriticalSection
ReleaseMutex
CloseHandle

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE