cc5dbf101e7e119dbc8d6a9064cb3b87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc5dbf101e7e119dbc8d6a9064cb3b87
Size

579KB
MD5

cc5dbf101e7e119dbc8d6a9064cb3b87
SHA1

64a04efb995b614f095c27561364267d59c8c8fe
SHA256

11f28629de9c24381ede65d64da453625a7d2188d1fd277736c6190c0ee9335e
SHA512

6f350acabd340a684073a1b1c7f896ed3571f6a49339afebc3975a6d2dc486193e1748b2f7cb2d3ce57ff0ae5260875738fca785d2478899fcb14be62b7fe2de
SSDEEP

6144:SnqfkIfjOzixt5AB57JobKnHE4J/HS9EtkXHMx9BnX:Snqf9jIixxs/HJtkXM9nX

Score

10^/10

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
sample	Nirsoft

Files

cc5dbf101e7e119dbc8d6a9064cb3b87
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

61:63:84:1e:89:c2:0f:b2:40:c6:9d:3f:1e:74:6c:13
Certificate

Issuer

CN=Luke-PC\\Luke

Not Before

01/02/2015, 20:47

Not After

02/02/2016, 02:47

Subject

CN=Luke-PC\\Luke

db:ba:f5:4b:0a:fc:49:c8:42:50:2b:c3:9e:ae:8c:97:2f:98:fa:18
Signer

Actual PE Digest

db:ba:f5:4b:0a:fc:49:c8:42:50:2b:c3:9e:ae:8c:97:2f:98:fa:18

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\User\Desktop\Programing\Cyperine\Cyperine\obj\x86\Release\Cyperine.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ