cdaaa69d52042e54d017f597d21ee2a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdaaa69d52042e54d017f597d21ee2a2
Size

635KB
MD5

cdaaa69d52042e54d017f597d21ee2a2
SHA1

68ef9ce78c2fc9591391932c9853ec83b0e7946a
SHA256

9379a831c4ddf6b933a19ba4c6bd6e288a019c6666814ebdfdd3dcd74bb9a5c4
SHA512

e235d6a6d6276a688b0feb8141ee697facf597f0353b382bf2f71bdcf7e374fba6422e2c2762f97a380a48ff081e815778fd543b2cd7d7f846d1f3f07a5d16a4
SSDEEP

12288:fctuFr+LHCGJ3U+qwn1g7YNjBGTTOPxoEhwmGaN37K6v+pwtl5n+:fct8eGsC7YNjYTTUxoEPPN37Lmp+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdaaa69d52042e54d017f597d21ee2a2

Files

cdaaa69d52042e54d017f597d21ee2a2
.exe windows:4 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

CODE
Size: 610KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DAStub
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE