cbf81aa4def64cc734bef851f0a1a673 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbf81aa4def64cc734bef851f0a1a673
Size

32KB
MD5

cbf81aa4def64cc734bef851f0a1a673
SHA1

252e39c5b657cda004d7e01fe3d7a5bff6c734c5
SHA256

22da2622b3f3cabf2593551971c70e61af33a23d0bbbcc2119ad564bce00335a
SHA512

63636eea147d3576129ae7d4d29836a61c123dfebad3234a47baaa26d1c9fc8263701c52088681ba9607453277b6bc19df52fe64cc5ca6186f8dc7e901eaac45
SSDEEP

768:WD0FHoOD2i34DwBDh5XMT4GRE1Q0HJzf2d8LPgu/lAz:WD0FHoOiJDaMvRE1Q0pzfrD/lAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbf81aa4def64cc734bef851f0a1a673

Files

cbf81aa4def64cc734bef851f0a1a673
.exe windows:4 windows x86 arch:x86

c8f8791da5a820e14180a26a2f30ad5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shell32

SHGetSpecialFolderPathA

wininet

FindNextUrlCacheEntryA

shlwapi

SHDeleteValueA

user32

GetSystemMetrics

advapi32

RegSetValueExA

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

ole32

CoInitialize

oleaut32

SafeArrayCreateVector

msvcrt

strtok

Sections

.text
Size: 26KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE