CloudFlare Resolver[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CloudFlare Resolver.exe
Size

205KB
MD5

37d3b260f2c08c634f911279e2003693
SHA1

f19da88cc5421f8e22dfdab7b63205f086c2d9f0
SHA256

89e346e3baf2714be3652f81cda64351eb687806ee2710246a075319968ede07
SHA512

b7c79f28d23dce316f3ef85836c23c79ea75a7a4e46c1287f41e89dcad1de16dbf95b237df2f4fa3b481a5c15b320e41b829644b63ba380c6800cd3d2c969037
SSDEEP

3072:9xJlGbnFCfUM7GTa4dcsOvXUf29xJxJlGbnFCf:9NGbFf+yhO8ivNGbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CloudFlare Resolver.exe

Files

CloudFlare Resolver.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ