cdc65bacbd1ab89dc9a84046a71b12e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cdc65bacbd1ab89dc9a84046a71b12e6
Size

48KB
MD5

cdc65bacbd1ab89dc9a84046a71b12e6
SHA1

869421be8eddde1f4dcb6566d76e4539289af085
SHA256

bdf19506d678ff76405255caf321a4ed0e420e6cc657f08783967cb6726a5ba0
SHA512

ed402c399fd0164c25d67782d2ac744d5d7b2cc5fd71829cd315c792bfceb80f629a354bc19c274f873af83fe213dc50c4eebc313545eb505be8939f25bc6801
SSDEEP

1536:3PMo6qlA8UQFwqoOTPV6Q+mIIqtW6LgC:3PMalUQFhFrVhc7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdc65bacbd1ab89dc9a84046a71b12e6

Files

cdc65bacbd1ab89dc9a84046a71b12e6
.exe windows:5 windows x86 arch:x86

b7547870634e631b1b0e5fbe02beeddf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
wvnsprintfW
wnsprintfA
StrStrW
SHDeleteKeyA
StrCmpNIW
StrCmpNIA
PathRemoveFileSpecW
wnsprintfW
PathFindFileNameW
PathCombineW
PathMatchSpecW
wvnsprintfA

advapi32

RegCloseKey
CryptReleaseContext
CryptCreateHash
RegQueryValueExA
DuplicateTokenEx
RegDeleteValueA
CryptGetHashParam

Sections

.ngl
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vaz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ofup
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ