cc1[.]exe | Triage

General

Target

cc1.exe
Size

12.1MB
MD5

e77432c1c06b8614b4a5c43c1903a030
SHA1

e4f39beeaf061b0187aaa09c7bb7b013d5420762
SHA256

0738ea0d9c071d889ccb0b31ed8d72b7b92504c30bc62274d557ad62db98c212
SHA512

f2f1a4861dddf6843f317dcb56740e6cecfef7d215849e840b720c54b0c915cf9f78b52d5d722a27a57df6456db02be45b71d0d3f48fe0a86f5532538d745a8c
SSDEEP

196608:kGpG6JfaO5WPoWwL9bLhYL7tUOL/ji4THtKUx3BPa9GIAxaOTzZRGRce3WRo9dfE:DxxB9bLentUOBTHtKmxGxRDAsS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc1.exe

Files

cc1.exe
.exe windows:4 windows x86

cfdaf1b114e9ca6dbba2256f92ae17d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_access
_close
_fdopen
_fstat
_getcwd
_getpid
_lseek
_open
_read
_stat
_unlink
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_filbuf
_findclose
_findfirst
_findnext
_flsbuf
_fullpath
_get_osfhandle
_iob
_onexit
_setmode
_stricmp
_vsnprintf
abort
atexit
atoi
bsearch
calloc
clock
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
freopen
fseek
ftell
fwrite
getenv
localtime
malloc
memchr
memcpy
memmove
memset
printf
puts
qsort
realloc
setbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtoul
time
ungetc
vfprintf
vsprintf

kernel32

CloseHandle
CreateFileMappingA
ExitProcess
FormatMessageA
GetFileAttributesA
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GlobalMemoryStatus
LocalFree
MapViewOfFileEx
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 682KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 538KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

cfdaf1b114e9ca6dbba2256f92ae17d8

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.data Size: 15KB - Virtual size: 15KB

.rdata Size: 682KB - Virtual size: 682KB

.bss Size: - Virtual size: 538KB

.idata Size: 3KB - Virtual size: 2KB

.stab Size: 5.3MB - Virtual size: 5.3MB

.stabstr Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 15KB - Virtual size: 15KB

.rdata
Size: 682KB - Virtual size: 682KB

.bss
Size: - Virtual size: 538KB

.idata
Size: 3KB - Virtual size: 2KB

.stab
Size: 5.3MB - Virtual size: 5.3MB

.stabstr
Size: 2.2MB - Virtual size: 2.2MB