cd886795231c67df038555bec9a41d54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd886795231c67df038555bec9a41d54
Size

129KB
MD5

cd886795231c67df038555bec9a41d54
SHA1

4e9137f297855fd682fcf45b13a4a56fde2e76a6
SHA256

cb03dcd86d4500488eb29351790435d4b7a83422720f374875b97d3af44ef7e6
SHA512

d9c6510f09908f500e435d21ba3fc1b78464382d58b04711ff982258b6a6bac9cb111311bbcabcd522185dc3e9e60ce8ac0d0fe505856e8949bf60c7860afcab
SSDEEP

3072:+sfW7UC+75ERVsj5/LJRR91N2LCrdPnQ2qLyEedbZU1E:W7UC+12VsbnTSLAxD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd886795231c67df038555bec9a41d54

Files

cd886795231c67df038555bec9a41d54
.exe windows:5 windows x86 arch:x86

4b109b51e510518a9aef3f560090979b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
TlsGetValue
FindNextFileW
HeapAlloc
GlobalUnlock
HeapSize
GetSystemTimeAsFileTime
OpenEventA
GetExitCodeProcess
OpenMutexW
GetDriveTypeA
DeleteFileA
FindResourceW
RtlUnwind
Thread32Next
GetVersion
GetConsoleMode
CreateDirectoryA
GetDriveTypeW
OpenMutexA
VirtualAlloc
GetCommandLineA
GetSystemInfo
GetThreadLocale
GetModuleHandleW
GetProcessHeap
GetCurrentDirectoryW
GlobalAlloc
WaitForSingleObject
GetStdHandle
ExitProcess
GetCommandLineW
IsBadReadPtr
GetTickCount
IsBadWritePtr
GetFileSize
GetFileAttributesA

Sections

DATA
Size: 3KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ