cd0791686e4331ca22695df7829065ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd0791686e4331ca22695df7829065ce
Size

6KB
MD5

cd0791686e4331ca22695df7829065ce
SHA1

eef7d6c15d5d77056603fc9467bc986d2c63f7ec
SHA256

c52bb7a70c0cc408ea4c930da7229d0166d366a7633f90481692be4f40b9b4de
SHA512

48f598d9857db10e41ccca92c0aeb92a859ef28466b027294294de6ed57c5d90cc64a04ec72571bb0ace900ae00bcba4649f040f78be9be63d9c18ab7d1c686b
SSDEEP

96:K/h1XNigjTBNpT9pC/GDCDTghiBIekANuyF5MvmaLedrkbMx:kVRTbPe1tayobe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd0791686e4331ca22695df7829065ce

Files

cd0791686e4331ca22695df7829065ce
.exe windows:4 windows x86 arch:x86

2e6ea095eefc13a49702858c3189a8bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

user32

wsprintfA
WaitForInputIdle

kernel32

GetCurrentDirectoryA
GetCommandLineA
FindClose
LocalFree
LocalAlloc
CreateProcessA
CloseHandle
WriteFile
CreateFileA
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
GetTempPathA
GetVersionExA
lstrlenA
GetSystemDirectoryA
lstrcatA
lstrcpyA
lstrcmpiA
SetFileTime
FindFirstFileA
GetWindowsDirectoryA
CopyFileA
GetEnvironmentVariableA
GetPrivateProfileStringA
lstrcpynA
GetPrivateProfileIntA
lstrcmpA
ReadFile
WaitForSingleObject
DeleteFileA
SetFilePointer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ