CIMCCYMIS_Client[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CIMCCYMIS_Client.exe
Size

625KB
MD5

40157c728b06e53b647dd230046a3812
SHA1

8f67bd21eba60c65bf3aee3bdf266da685d31a32
SHA256

e0b749dfe8a16f8d77ad563071890c7b46028138a78fe86b4f38ad82259b05d2
SHA512

05249c9c97c8b262dcf89a506fabfa2d9456567a70e703e97dd098f25afa4a6ea290d0ba39f5b4b0722c6269f12a6fab4b5190b891ec90896abfc9760957f292
SSDEEP

12288:BbgrPwlniIErgIzf9qCr7pTx/58dQq2PDu51ZZGcI6f4St5V61XA3H:BbgrPwlurL9T7Nd58dQRPaaPOV61Q3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CIMCCYMIS_Client.exe

Files

CIMCCYMIS_Client.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ