cbb901d23a4d05fba095d74b37799d39 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbb901d23a4d05fba095d74b37799d39
Size

354KB
MD5

cbb901d23a4d05fba095d74b37799d39
SHA1

e01bd06d3c9a38162b31e483aa03d444731d78fe
SHA256

411844752b861de18636c269f646e210fdbac87d501e7ed7b7901daf84d3413f
SHA512

d28bdeb663ae950aafd7eff0481f968fee52928bafcec6c4c3badf75bb7c795fbe2bc1aab5ae7aaee16194869d46439b4f6c00d7be41decf7bfc6a24585b9580
SSDEEP

6144:ntqAtyQTlskkIB8agSd+/3KTliqpiAG4X/A/HWQhD4Doj+Cu:ntNtyUl7kALd4ilBpi/44F/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbb901d23a4d05fba095d74b37799d39

Files

cbb901d23a4d05fba095d74b37799d39
.exe windows:4 windows x86 arch:x86

6592592d8534d25964d2f31296026301

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetCommandLineA
VirtualProtect
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetStringTypeW

advapi32

RegCloseKey

ole32

CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 573KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ