C2lient[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

C2lient.exe
Size

452KB
MD5

d7a43fb233c7df02400b62cf8e5845df
SHA1

bc3effa59b01ac14e5f2cf44c98bf1ced9e0f280
SHA256

a98daa014e09814088d67c4a53e99162c3784705ad3aa1df92eb307a6dfa60df
SHA512

997bfa8bea8ce77295031601d928f71ab9cf51f1dd0a3b1c4a647adb9903936f1a9c8182548dfe3a22bec5f0d5ab8f9b525ab82445065ab1f1ea50befe0455b5
SSDEEP

6144:g/tccXV8FlIUEYtcsHHJNrjaCFe6VlWT8b9NYiwtvdthK3CGVYblatm:aXXGcuXrjXFPVle8G1hWlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
C2lient.exe

Files

C2lient.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ