DeadSmither[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DeadSmither.exe
Size

167KB
MD5

e3152edcbf668cec685f1abf26989fea
SHA1

fbd41be3553defcdba2b8e82af92b943f1995fa8
SHA256

342baf07b05a8ef53fc38ac3a8827271ccb3faaa23cf50abd0a7bd1a5542ce6a
SHA512

2e3fb74c9cad49dfc22d6a44b248ba2f42e5c313c1b14e1c6f378ef170dc6c8d649aac0795f99491e3c985b9929c20c57db97dc58df124b5093a6dc6810da045
SSDEEP

3072:OpP/9F/ix/A9wXnDLn1mFbTYGtdGt3WzZb29b/zBiut90C:U/9FO/AmL1mFbckdGtmzYR/zBiuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DeadSmither.exe

Files

DeadSmither.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ