cb4f7a9b378dacc8df4a6a4cd0de2514 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb4f7a9b378dacc8df4a6a4cd0de2514
Size

172KB
MD5

cb4f7a9b378dacc8df4a6a4cd0de2514
SHA1

7075ba4151635342ff1e5096ac69c27b1d7e0044
SHA256

d37a08a8964964fd803c3a05737b63a493fa824eb79562e3373503b57c4a4d26
SHA512

6782e0e9215374147a694eeb6a796d83d3b9646c54b5d7558e17050a2a7cdfc8ce104ca3b1799443aa5765b184293a3e08de14f9a9f884604f642eef96202ea5
SSDEEP

3072:d04syKhOOKxMPU7KdPWNxdkywwgoJs6v7TApqqA+fkQK4:d04YbiMPnwjkywwPxv78EqAsk34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4f7a9b378dacc8df4a6a4cd0de2514

Files

cb4f7a9b378dacc8df4a6a4cd0de2514
.exe windows:4 windows x86 arch:x86

75f01e6e3d8cf72a26946b1498e26652

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

kernel32

VirtualFree
AddAtomA
TlsAlloc
IsBadWritePtr
GetEnvironmentStrings
TlsGetValue
SetHandleCount
GetFileType
HeapSize
SetLastError
TlsFree
GetCurrentProcess
HeapCreate
GetSystemInfo
FreeEnvironmentStringsA
TerminateProcess
EnumResourceNamesA
InterlockedExchange
GetStdHandle
TlsSetValue
VirtualAlloc
FreeEnvironmentStringsW
GetACP
GetVersionExA
GetEnvironmentStringsW
IsBadStringPtrW
GetLocaleInfoA
SetEndOfFile
GetStartupInfoA
GetModuleFileNameA
UnhandledExceptionFilter

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ