cNHgZZn[.]exe | Triage

Sharing

General

Target

cNHgZZn.exe
Size

3KB
MD5

3e219eacdc9e69ba540bd94310dfe081
SHA1

61664863d878970c87166ca6644a5abffc3b0fd9
SHA256

a165300473e98f9424f8bcc9a6ba2ef80a4bb08d10f2fc45a2bacd42c129be11
SHA512

5702720a596a86ec88bbfbb6f6be8aee0de2465e0ee39095a5f9e0298e99109e4df4c17ba0143ca83aa1aabf7c8713d9c472d0d44f0c2089d8c4f08c7f44e266

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cNHgZZn.exe

Files

cNHgZZn.exe
.exe windows x86

1ef00bfbfb19627995348fe973d67a13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdll

strlen
memset

msvcrt

malloc

kernel32

GetTickCount
OutputDebugStringA
VirtualAlloc
OpenProcess

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ