c0dbd72616ddcdd564f42cc6ccb329fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0dbd72616ddcdd564f42cc6ccb329fa
Size

1.7MB
MD5

c0dbd72616ddcdd564f42cc6ccb329fa
SHA1

9c0776d8522bf37e06761b823075107d72517b30
SHA256

7370c25b98458474623b3ddc087715cc7a46687ceddff0f77af86760b7e2d5c2
SHA512

f71e2d0cdcabe735b0ea1d26169a90bd7578da81b5538b6bd965ab8cfe5eaeb98333c6050ec6b4282c72bbdb488ee65f24fd7c7e85b4d035d9b0cabcddcb0071
SSDEEP

49152:U4e02m/nZdKUxCBrvoM0FChXmHVaHVHw1MQFKzGp:V3/rKUxetkn1MQd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CYYWebExtractSetup.exe

Files

c0dbd72616ddcdd564f42cc6ccb329fa
.rar
CYYWebExtractSetup.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url