cb4a4ee933af3c1327d5168279f79d4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb4a4ee933af3c1327d5168279f79d4b
Size

16KB
MD5

cb4a4ee933af3c1327d5168279f79d4b
SHA1

fef2bac9ae579f46bb93d06b7f09bab1f7b24527
SHA256

56c46e285286b4a912fc41c328cec3c7148508712b995908230448eb7fbfe7e5
SHA512

11519f9423129a735ef90ec17e6c229e17b212e70153a4fe2223a9dbf4dd907ad57c6383d2f8583422f5994c1a67f2aa4376d8872ee4c682add9243501638a7c
SSDEEP

48:aNNrgnViGudCc/EbWOpVlj4lHg7+mt0vkmsu0I1Qtboyl1mZzu:I3/EbWMVlEhS04I6tboynmZzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4a4ee933af3c1327d5168279f79d4b

Files

cb4a4ee933af3c1327d5168279f79d4b
.exe windows:4 windows x86 arch:x86

c1d51bd4431a9b32c165207554983e9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCommandLineA
GetModuleHandleA
GetStartupInfoA

netapi32

Netbios

mfc42

ord800
ord535
ord2818
ord540
ord690
ord5207
ord389
ord939
ord941
ord537
ord2764

msvcrt

__CxxFrameHandler
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE