cdc-35c[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdc-35c.exe
Size

4.9MB
MD5

e40b9d023f5a67c34086f0e25839d17f
SHA1

60c46db3f325367796a28e43018af725461b3300
SHA256

28e19d829c954e11d9294a65b7d72065dcaff2ab4a40e061067782c4dca5b036
SHA512

989ec2f6d3e38c3e8cf4f33f5d7a6ea02030c2fa0e3b592e15d6716f3b73e867168dbeb5c5cd100b94d2f682a9bf7b8bcf9301741746aad0088aedecc59f8bb8
SSDEEP

98304:H51zqOKxbYiUtVTMMnS8pa53Hkrl7nFFpbS+tcDCle3lv+nBx:ZxrHgMn/pRDPFS+GDC0F+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdc-35c.exe

Files

cdc-35c.exe
.exe windows:4 windows x86 arch:x86

d01d1c5de127636220f666f8c9d9e1b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
HeapFree
WaitForSingleObject
DeleteFileA
GetProcAddress
Sleep
GetModuleFileNameA
GetProcessHeap
HeapAlloc
LoadLibraryA
GetExitCodeProcess
TerminateProcess
UnhandledExceptionFilter
LCMapStringA
FlushFileBuffers
LCMapStringW
ReadFile
FileTimeToLocalFileTime
SetStdHandle
FindNextFileA
FindFirstFileA
FindClose
MoveFileA
GetUserDefaultLangID
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
GetShortPathNameA
CreateDirectoryA
GetTempFileNameA
GetDiskFreeSpaceA
CloseHandle
CreateFileA
GetLastError
SetEndOfFile
SetFilePointer
GetCurrentProcess
ReleaseMutex
RemoveDirectoryA
CreateMutexA
GetTempPathA
WriteFile
FileTimeToSystemTime
GetFileInformationByHandle
FreeLibrary
SetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
GetFullPathNameA
HeapReAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetDriveTypeA
GetFileAttributesA

user32

wvsprintfA
GetWindowRect
GetSystemMetrics
FindWindowA
EnableWindow
GetDlgItem
SendMessageA
wsprintfA
SetDlgItemTextA
LoadIconA
SetClassLongA
DialogBoxParamA
MessageBoxA
MoveWindow
ExitWindowsEx
IsDialogMessageA
DispatchMessageA
TranslateMessage
ShowWindow
PeekMessageA
SendDlgItemMessageA
EndDialog
LoadStringA
SetFocus

gdi32

DeleteObject
CreateFontIndirectA
GetObjectA

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegSetValueExA
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d01d1c5de127636220f666f8c9d9e1b2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

version

advapi32

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 26KB - Virtual size: 64KB

.rsrc Size: 57KB - Virtual size: 57KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 26KB - Virtual size: 64KB

.rsrc
Size: 57KB - Virtual size: 57KB