cb475817816596562ac3c194f6d9d751 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb475817816596562ac3c194f6d9d751
Size

2KB
MD5

cb475817816596562ac3c194f6d9d751
SHA1

204d0a7cf621429aac4d12acdbda9f1fbd1ac711
SHA256

8116e41cc5b631cff4b32eaf974fcb5f9eac59d5b150f08ffb91f345b45e863f
SHA512

0d98adaf3f283b48c6c09bea537d80d75084a74f64715e4d3fae40f7cf5d5ad8b1155a8138a6d7589c33766eb2463f36faf08e591e21abd6a88f14064366c5de

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb475817816596562ac3c194f6d9d751

Files

cb475817816596562ac3c194f6d9d751
.exe windows:1 windows x86 arch:x86

0e396b7a8a0a3fa855f792abee514b8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateRemoteThread
ExitProcess
FindResourceA
FreeLibrary
GetDriveTypeA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
OpenMutexA
OpenProcess
ReadProcessMemory
SizeofResource
Sleep
VirtualAllocEx
WriteProcessMemory
lstrcatA
lstrcpyA
lstrlenA

user32

FindWindowA
GetWindowThreadProcessId

shell32

ShellExecuteA

Sections

.flat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ