cd0473b2b5e57365ac9d5954c57e13f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd0473b2b5e57365ac9d5954c57e13f4
Size

241KB
MD5

cd0473b2b5e57365ac9d5954c57e13f4
SHA1

2f3495d165d07e0055e0e5b450b9c8068f6ab333
SHA256

89b27927cae78aeb8b75c298c60a2a7defbaa6a942a7f33cafdc9b0b6695f4c2
SHA512

c56221f23dd03efb443fbf752584a8a4ab479b6998f26209bd2331a93fbec9e735ad58480a7f6e23c27109f58f997cd8161b9bbf96b1a89bb2e74fa6e62a5e60
SSDEEP

6144:NRlK9zz6yF6Kq8TrHcrrIJ7UtQ//bbTdVfKJKc:NRgd1qSJ7UtC/BVaN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd0473b2b5e57365ac9d5954c57e13f4

Files

cd0473b2b5e57365ac9d5954c57e13f4
.exe windows:4 windows x86 arch:x86

f7b3f2c4ca9b65a2017ae22254bb2f37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetProcessShutdownParameters
GetLastError
GetCurrentProcess
GetProcAddress
GetFileSize
GetModuleHandleA
GetTickCount
ExitProcess
Sleep
GetModuleFileNameA
QueryDosDeviceA
GetStartupInfoA

user32

GetSystemMetrics
MessageBoxA
SendMessageA
EnumWindowStationsA
IsIconic
GetClientRect
LoadIconA
DrawIcon
EnableWindow

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 10KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ