CordKilla[.]exe | Triage

Sharing

General

Target

CordKilla.exe
Size

12KB
MD5

dcdfa5d5c5a013d16892fc8b8cf21278
SHA1

d60aa6cbfdfcb541bd3cc9e828988b58e1e04d11
SHA256

a62184b1ac0ca25e93fff3b4522f84701ee69baea5dbeb851cddf52d215a47e6
SHA512

059d35c662a7be0e9cc14725fba41db6d3e0d1511db92d560858c3f88617417cb95cd1f482741e04d08a146af5ddf23a238b7085ab62f45a74c4de13a28cb7e6
SSDEEP

192:WUsDEp+7bADqC/YgQeUg4LBtiteQT3PpGlcc5+Rqm8Jf+wdyz:tsDLbADqUx4ateQ7xGWR9Ue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CordKilla.exe

Files

CordKilla.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.toad
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ