cccf2870ca88036e65f014cec3e50f7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cccf2870ca88036e65f014cec3e50f7b
Size

187KB
MD5

cccf2870ca88036e65f014cec3e50f7b
SHA1

889a4bca690228c8047f1823294218fc922cbcc3
SHA256

5dc7bb92c968428b13736ef53781e8656d9ab9c8e48fe6f1371cd340182d0c01
SHA512

5855150293c5934317beca48131ef045e67d31eda54c4a0985a7a2262feb133c586861ab979a52944a6217f0cbbe2ffe80fe2679d0a850eef5b925ef549b0828
SSDEEP

3072:U090ABjW6wyY5fBU8Qj5AHYwPCBgJFM5KawJF32g0K+5C8bpb9Vm55u:99hBLwzvdHYwPCxNwT38KJ89Sk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cccf2870ca88036e65f014cec3e50f7b

Files

cccf2870ca88036e65f014cec3e50f7b
.exe .pdf windows:4 windows x86 arch:x86 polyglot

0fd75817e88bc985535ca2b23c86ca86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetTempPathA
CreateFileA
GetModuleFileNameA
GetModuleHandleA
ReadFile
OpenProcess
GetLastError
GetCurrentProcess
GetCurrentThread
lstrcatA
WriteFile
CloseHandle
TerminateProcess
WinExec

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenThreadToken

shell32

ShellExecuteA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

Sections

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE